Sometimes you need to remove SSH so that your customer will be able to access SSH behind NAT.
You can do this by means of :
no crypto key generate rsa
you device will reply you : no no !! You must do this :
crypto key zeroize rsa
such as :
Router(config)#no crypto key generate rsa % Use 'crypto key zeroize rsa' to delete signature keys. Router(config)#crypto key zeroize rsa % All RSA keys will be removed. % All router certs issued using these keys will also be removed. Do you really want to remove these keys? [yes/no]: yes Router(config)#