239
Configuration task list
Public key configuration tasks enable you to manage the local asymmetric key pairs, and configure the
peer host public keys on the local device. By completing these tasks, the local device is ready to work
with applications such as SSH and SSL to implement data encryption/decryption, or digital signature.
Complete these tasks to configure public keys:
Task Remarks
Configuring a local
asymmetric key pair
on the local device.
Creating a local asymmetric key pair
Perform the tasks as
needed.
Displaying or exporting the local host public key
Destroying a local asymmetric key pair
Specifying the peer public key on the local device
Creating a local asymmetric key pair
When you create an asymmetric key pair on the local device, follow these guidelines:
• Create an asymmetric key pair of the proper type to work with a target application.
• After you enter the command, specify a proper modulus length for the key pair.
Table 15 A comparison of different types of asymmetric key algorithms
T
e Number of ke
airs
Modulus len
th
RSA
• In non-FIPS mode: the system creates
one server key pair and one host key
par.
• In FIPS mode: the system creates a host
key pair.
• In non-FIPS mode: 512 to 2048 bits and defaults
to 1024 bits.
• In FIPS mode: 2048 bits.
HP recommendation: a minimum of 768 bits.
DSA The system creates a host key pair.
• In non-FIPS mode: 512 to 2048 bits and defaults
to 1024 bits.
• In FIPS mode: 1024 to 2048 bits and defaults to
1024 bits.
HP recommendation: a minimum of 768 bits.
ECDSA The system creates a host key pair.
• 192 bits, when the secp192r1 curve is used to
create the key pair. (Available in non-FIPS mode
only.)
• 256 bits, when the secp256r1 curve is used to
create the key pair.
To Next Page
Loading...
Need help?
General