AT-9000 Switch Command Line User’s Guide
Section XI: Management Security 1143
CRYPTO KEY GENERATE HOSTKEY
Syntax
crypto key generate hostkey dsa|rsa|rsa1 [
value
]
Parameters
dsa Creates a DSA key that is compatible with SSH versions
1 and 2.
rsa Creates an RSA key that is compatible with SSH version
2.
rsa1 Creates an RSA key that is compatible with SSH version
1.
value Specifies the length of the encryption key in bits. The
length is specified only for an RSA key and is optional.
The range is 768 to 2048 bits. DSA and RSA1 keys have
fixed lengths of 1024 bits.
Mode
Global Configuration mode
Confirmation Command
“SHOW CRYPTO KEY HOSTKEY” on page 1147
Description
Use this command to create the encryption key for the Secure Shell
server. You must create the key before activating the server. The switch
can have one key of each type at the same time.
If you create a new key when the switch already has a key of that type, the
new key overwrites the old key. For example, if you create a new RSA key
when the switch already has an RSA key, the new key replaces the
existing key.
A new encryption key is automatically saved by the switch when you enter
the command. You do not have to enter the WRITE command or the
COPY RUNNING-CONFIG STARTUP-CONFIG command
DSA and RSA1 keys take less than a minute to create. An RSA key that
has the maximum key length of 2048 bits may take as much as four
minutes for the switch to create.
To Next Page
Loading...
