EasyManuals Logo

H3C MSR Series Command Reference

H3C MSR Series
1187 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #469 background imageLoading...
Page #469 background image
446
Predefined user roles
network-admin
Parameters
name key-name: Specifies a local ECDSA key pair by its name, a case-insensitive string of 1 to 64
characters. Valid characters are letters, digits, and hyphens (-). If you do not specify a key pair, this
command exports the host public key of the local ECDSA key pair with the default name.
openssh: Exports the host public key in OpenSSH format.
ssh2: Exports the host public key in SSH2.0 format.
filename: Specifies the name of the file for saving the ECDSA host public key. The file name is a
case-insensitive string of 1 to 128 characters. The name cannot be all dots (.), hostkey, serverkey,
dsakey, or ecdsakey, and cannot start with a slash (/) or contain ./ and ../. For more information about
file names, see Fundamentals Configuration Guide. If you do not specify a file name, this command
does not export the key to a file but displays the key on the monitor screen.
Usage guidelines
You can use this command to export a local ECDSA host public key before distributing it to a peer
device.
To distribute a local ECDSA host public key to a peer device:
1. Save the exported ECDSA host public key to a file by using one of the following methods:
Use the public-key local export ecdsa [ name key-name ] { openssh | ssh2 } command
to export the local host public key, and then copy and paste it to a file.
Use the public-key local export ecdsa [ name key-name ] { openssh | ssh2 } filename
command to export the host public key to a file. You cannot export the key to the folder pkey
or its subfolders.
2. Transfer a copy of the file to the peer device, for example, by using FTP in binary mode or TFTP.
For more information about FTP and TFTP, see Fundamentals Configuration Guide.
3. On the peer device, use the public-key peer import sshkey command to import the host
public key from the file.
SSH2.0 and OpenSSH are different public key formats. Choose the correct format that is supported
by the device where you import the host public key.
Only the ECDSA host public key generated by using the secp256r1 curve can be exported.
Examples
# In FIPS mode, export the host public key of the local ECDSA key pair with the default name in
OpenSSH format to a file named key.pub.
<Sysname> system-view
[Sysname] public-key local export ecdsa openssh key.pub
# In FIPS mode, display the host public key of the local ECDSA key pair with the default name in
SSH2.0 format.
<Sysname> system-view
[Sysname] public-key local export ecdsa ssh2
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "ecdsa-sha2-nistp256-2014/07/06"
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBREw5tkARpbV+sYArt/xcW+UJEAevx7O
ckTtTLPBiLP5bWkSdKbvo+3oHRuIyZqmNTIcxuBjuBap+pHc919C58=
---- END SSH2 PUBLIC KEY ----
# In FIPS mode, display the host public key of the local ECDSA key pair with the default name in
OpenSSH format.
<Sysname> system-view

Table of Contents

Other manuals for H3C MSR Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the H3C MSR Series and is the answer not in the manual?

H3C MSR Series Specifications

General IconGeneral
CategoryNetwork Router
IPv6 SupportYes
DimensionsVaries by model
WeightVaries by model
Product TypeModular Router
PortsVaries by model
WAN InterfacesVaries by model
FirewallYes
QoSYes
Wireless SupportVaries by model
USB PortsVaries by model
Console PortYes
Power SupplyVaries by model
RedundancyVaries by model
Operating Temperature0°C to 45°C
Storage Temperature-40°C to 70°C
Humidity5% to 95% non-condensing
SeriesMSR
CertificationsCE, FCC, RoHS

Related product manuals