Implementing Keychain Management on Cisco IOS XR Software
How to Implement Keychain Management
SC-79
Cisco IOS XR System Security Configuration Guide
DETAILED STEPS
Configuring a Key Identifier for the Keychain
This task configures a key identifier for the keychain.
You can create or modify the key for the keychain.
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
key chain
key-chain-name
Example:
RP/0/RP0/CPU0:router(config)# key chain isis-keys
Creates a name for the keychain.
Step 3
accept-tolerance [
value
| infinite]
Example:
RP/0/RP0/CPU0:router(config-isis-keys)#
accept-tolerance infinite
Configures a tolerance value to accept keys for the
keychain.
• Use the value argument to set the tolerance
range in seconds. The range is from 1 to
8640000.
• Use the infinite keyword to specify that the
tolerance specification is infinite.
Step 4
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-isis-keys)# end
or
RP/0/RP0/CPU0:router(config-isis-keys)# commit
Saves configuration changes.
• When you issue the end command, the system
prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to
the running configuration file, exits the
configuration session, and returns the
router to EXEC mode.
–
Entering no exits the configuration session
and returns the router to EXEC mode
without committing the configuration
changes.
–
Entering cancel leaves the router in the
current configuration session without
exiting or committing the configuration
changes.
• Use the commit command to save the
configuration changes to the running
configuration file and remain within the
configuration session.
To Next Page
Loading...
