231
Task Remarks
Configuring a local
asymmetric key pair on the
local device
Creating a local asymmetric key pair Required
Displaying or exporting the local host public key Optional
Destroying a local asymmetric key pair Optional
Specifying the peer public key on the local device Optional
Configuring a local asymmetric key pair on the
local device
Creating a local asymmetric key pair
Configuration guidelines
When you create an asymmetric key pair on the local device, follow these guidelines:
• Create an asymmetric key pair of the proper type to work with a target application.
• After you enter the command, specify a proper modulus length for the key pair. The following table
compares the three types of key pairs.
Table 12 A comparison between different types of asymmetric key pairs
T
e Number of ke
airs
Modulus len
th
Remarks
RSA
Two key pairs, one server key pair and one
host key par. Each key pair comprises a
public key and a private key
512 to 2048 bits
1024 by default
To achieve high
security, specify at least
768 bits.
DSA One key pair, the host key pair
IMPORTANT:
Only SSH1.5 uses the RSA server key pair.
Configuration procedure
Follow these steps to create a local asymmetric key pair:
To do… Use the command…
Remarks
Enter system view system-view —
Create a local asymmetric key pair public-key local create { dsa | rsa }
Required
By default, no asymmetric key pair
is created.
NOTE:
Key pairs created with the public-key local create command are saved automatically and can survive
system reboots.
To Next Page
Loading...
Need help?
General