Views
System view
Predefined user roles
network-admin
Parameters
dsa: Specifies the DSA type.
ecdsa: Specifies the ECDSA type.
rsa: Specifies the RSA type.
name key-name: Specifies the name of a local key pair. The key-name argument is a case-insensitive
string of 1 to 64 characters, including letters, digits, and hyphens (-). If no name is specified, the
command destroys the local key pairs of the specified type that use the default names.
Usage guidelines
To avoid key compromise, destroy the local key pair and generate a new pair after any of the following
conditions occurs:
• An intrusion event has occurred.
• The storage media of the device is replaced.
• The local certificate has expired. For more information about local certificates, see Security
Configuration Guide.
Examples
# Destroy the local RSA key pairs with the default names.
<Sysname> system-view
[Sysname] public-key local destroy rsa
Confirm to destroy the key pair? [Y/N]:y
# Destroy the local DSA key pair with the default name.
<Sysname> system-view
[Sysname] public-key local destroy dsa
Confirm to destroy the key pair? [Y/N]:y
# Destroy the local ECDSA key pair with the default name.
<Sysname> system-view
[Sysname] public-key local destroy ecdsa
Confirm to destroy the key pair? [Y/N]:y
# Destroy the local RSA key pair rsa1.
<Sysname> system-view
[Sysname] public-key local destroy rsa name rsa1
Confirm to destroy the key pair? [Y/N]:y
# Destroy the local DSA key pair dsa1.
<Sysname> system-view
[Sysname] public-key local destroy dsa name dsa1
Confirm to destroy the key pair? [Y/N]:y
# Destroy the local ECDSA key pair ecdsa1.
<Sysname> system-view
[Sysname] public-key local destroy ecdsa name ecdsa1