215
Displaying and maintaining public keys
To do… Use the command… Remarks
Display the public keys of the local
key pairs
display public-key local { dsa |
rsa } public [ | { begin | exclude |
include } regular-expression ]
Available in any view
Display the public keys of the
remote hosts
display public-key peer [ brief |
name publickey-name ] [ | { begin
| exclude | include }
regular-expression ]
Public key configuration examples
Unless otherwise noted, devices in the configuration examples are operating in non-FIPS mode.
Configuring a remote host's public key manually
Network requirements
As shown in Figure 79, to prevent illegal access, Device B authenticates Device A through a digital
signature. Before configuring authentication parameters on Device B, configure the public key of Device
A on Device B.
• Configure Device B to use the asymmetric key algorithm of RSA for identity authentication of Device
A.
• Manually configure the host public key of Device A on Device B.
Figure 74 Network diagram for manually configuring a remote host's public key
Configuration procedure
1. Configure Device A:
# Create RSA key pairs on Device A.
<DeviceA> system-view
[DeviceA] public-key local create rsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++
++++++
++++++++
++++++++
To Next Page
Loading...
