Implementing Keychain Management on Cisco IOS XR Software
How to Implement Keychain Management
SC-85
Cisco IOS XR System Security Configuration Guide
Configuring the Cryptographic Algorithm
This task allows the keychain configuration to accept the choice of the cryptographic algorithm.
SUMMARY STEPS
1. configure
2. key chain key-chain-name
3. key key-id
Step 4
send-lifetime
start-time
[duration
durationvalue
| infinite |
end-time
]
Example:
RP/0/RP0/CPU0:router(config-isis-keys)# key 8
RP/0/RP0/CPU0:router(config-isis-keys-0x8)#
send-lifetime 1:00:00 october 24 2005 infinite
(Optional) Specifies the set time period during which an
authentication key on a keychain is valid to be sent. You can
specify the validity of the key lifetime in terms of clock
time.
In addition, you can specify a start-time value and one of the
following values:
• duration keyword (seconds)
• infinite keyword
• end-time argument
If you intend to set lifetimes on keys, Network Time
Protocol (NTP) or some other time synchronization method
is recommended.
Step 5
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-isis-keys-0x8)# end
or
RP/0/RP0/CPU0:router(config-isis-keys-0x8)#
commit
Saves configuration changes.
• When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting(yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
–
Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
–
Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Command or Action Purpose
To Next Page
Loading...
Need help?
General
