Key Management System
Configuring Key Chain Management
duration < mm/dd/yy [ yy ] hh:mm:ss | SECONDS >
Specifies the time period during which the switch
can use this key to authenticate inbound packets.
Duration is either an end date and time or the
number of seconds to allow after the start date and
time (which is the accept-lifetime setting).
send-lifetime <mm/dd/yy[yy] hh:mm:ss | now>
Specifies the start date and time of the valid period
in which the switch can transmit this key as
authentication for outbound packets.
duration < mm/dd/yy[yy] hh:mm:ss | SECONDS>
Specifies the time period during which the switch
can use this key to authenticate outbound packets.
Duration is either an end date and time or the
number of seconds to allow after the start date and
time (which is the accept-lifetime setting).
show key-chain <CHAIN_NAME>
Displays the detail information about the keys used
in the key chain named CHAIN_NAME.
Note Using time-dependent keys requires that all the switches have accurate,
synchronized time settings. You can manually set the time or use the Time
protocol feature included in the Series 5300XL switches. For more informa-
tion, refer to the chapter covering time protocols in the Management and
Configuration Guide for your switch.
For example, to add a number of keys to the key chain entry “Procurve2”:
Adds a key with
full time and date
Adds a key with
duration
expressed in
seconds.
Figure 11-3. Adding Time-Dependent Keys to a Key Chain Entry
11-6
To Next Page
Loading...
Need help?
General