1. The passive administrator is prompted to send the active administrator the public key. The passive administrator simply presses "return" to continue.
  2. The passive administrator is prompted for a public key name. Once entered, the public key is sent to the active administrator.
  3. The serial number and fingerprint of the key appear on both ends.
  4. Once the active administrator has verified the passive side's public key via voice, the public key is accepted.

The keys are now exchanged, but are stored only in the running configuration of the router. It is recommended that they be saved to NVRAM.