240
NOTE:
Only SSH 1.5 uses the RSA server key pair.
To create a local asymmetric key pair:
Ste
Command
Remarks
1. Enter system view.
system-view N/A
2. Create a local key pair.
• In non-FIPS mode:
public-key local create { dsa |
ecdsa { secp192r1 |
secp256r1 } | rsa }
• In FIPS mode:
public-key local create { dsa |
ecdsa secp256r1 | rsa }
By default, no local asymmetric key
pairs exist.
Key pairs created with the
public-key local create command
are saved automatically and can
survive system reboots.
Displaying or exporting the local host public key
In some applications, such as SSH, to allow your local device to be authenticated by a peer device
through digital signature, you must display or export the local host public key, which will then be
specified on the peer device.
To display or export the local host public key, choose one of the following methods:
• Displaying and recording the host public key information
• Displaying the host public key in a specif
ic format and saving it to a file
• Exporting the host public key in a specific format to a file
If y
our local device functions to authenticate the peer device, you must specify the peer public key on the
local device. For more information, see "Specifying the peer public key on the local device."
Displaying and recording the host public key information
To display the local public key:
Task Command
Remarks
Display the local RSA public key.
display public-key local rsa public [ | { begin
| exclude | include } regular-expression ]
Available in any view.
Use at least one
command.
Display the local ECDSA public
key.
display public-key local ecdsa public [ |
{ begin | exclude | include }
regular-expression ]
Display the local DSA host public
key.
display public-key local dsa public [ | { begin
| exclude | include } regular-expression ]
The display public-key local rsa public command displays both the RSA server and host public keys.
Recording the RSA host public key is enough.
After displaying the host public key, record the key information for manual configuration of the key on the
peer device.
To Next Page
Loading...
Need help?
General