EasyManua.ls Logo

HPE FlexFabric 5940 SERIES

HPE FlexFabric 5940 SERIES
571 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
257
When you create an RSA or DSA key pair, enter an appropriate key modulus length at the
prompt. The longer the key modulus length, the higher the security, the longer the key
generation time.
When you create an ECDSA key pair, choose the appropriate elliptic curve. The elliptic curve
determines the ECDSA key length. The longer the key length, the higher the security, the longer
the key generation time.
See Table 21 for more info
rmation about key modulus lengths and key lengths.
If you do not assign the key pair a name, the system assigns the default name to the key pair
and marks the key pair as default. You can also assign the default name to another key pair, but
the system does not mark the key pair as default. The key pair name must be unique among all
manually named key pairs that use the same key algorithm. If a name conflict occurs, the
system asks whether you want to overwrite the existing key pair.
The key pairs are automatically saved and can survive system reboots.
Table 21 A comparison of different types of asymmetric key algorithms
Type Generated key pairs Modulus/key length
RSA
In non-FIPS mode:
{ One host key pair, if you specify a key
pair name.
{ One server key pair and one host key
pair, if you do not specify a key pair
name.
Both key pairs use their default names.
In FIPS mode: One host key pair.
NOTE:
Only SSH 1.5 uses the RSA server key pair.
In non-FIPS mode: 512 to 2048 bits,
1024 bits by default.
To ensure security, use a minimum
of 768 bits.
In FIPS mode: 2048 bits.
DSA One host key pair.
In non-FIPS mode: 512 to 2048 bits,
1024 bits.
To ensure security, use a minimum
of 768 bits.
In FIPS mode: 2048 bits.
ECDSA One host key pair.
In non-FIPS mode: 192, 256, 384, or
521 bits.
In FIPS mode: 256, 384, or 521 bits.
To create a local key pair:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Create a local key pair.
In non-FIPS mode:
public-key local create
{ dsa | ecdsa [ secp192r1 |
secp256r1 | secp384r1 |
secp521r1 ] | rsa } [ name
key-name ]
In FIPS mode:
public-key local create
{ dsa | ecdsa [ secp256r1 |
secp384r1 | secp521r1 ] |
rsa } [ name key-name ]
By default, no local key pairs exist.

Table of Contents

Other manuals for HPE FlexFabric 5940 SERIES

Preview: Fundamentals Command Reference
Fundamentals Command Reference289 pages
Preview: Configuration Guide
Configuration Guide334 pages
Preview: Command Reference
Command Reference139 pages

Related product manuals