Entering a peer host public key 
Before you perform this task, make sure you have displayed the key on the peer device and recorded 
the key. For information about displaying a host public key, see "Displaying a host public key." 
Use the display public-key local public command to display the public key on the peer device. The 
format of the public key displayed in any other way might be incorrect. If the key is not in the correct 
format, the system discards the key and displays an error message. If the key is valid, the system 
saves the key. 
Always import rather than enter the peer host public key if you are not sure whether the device 
supports the format of the recorded peer host public key. 
To enter a peer host public key: 
 
Step                                  Command                  Remarks
1.  Enter system view.                system-view              N/A
2.  Specify a name for the peer host  public-key peer keyname  By default, no peer host public keys exist.
    public key and enter public key
    view.
3.  Type or copy the key.             N/A                      You can use spaces and carriage returns, but
                                                               the system does not save them.
4.  Return to system view.            peer-public-key end      When you exit public key view, the system
                                                               automatically saves the peer host public key.
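
The following check is an added example, not part of the original manual. It compares a key as recorded from the peer device with the copy displayed after entry, ignoring the spaces and carriage returns that the system does not save, and catches dropped or mistyped characters. It assumes the key text is the hexadecimal DER encoding; the function names and the sample key are constructed for illustration.

```python
import hashlib
import string

def normalize_key(recorded: str) -> bytes:
    """Remove spaces and line breaks (the device does not save them), then decode hex."""
    compact = "".join(recorded.split())
    if not compact or any(c not in string.hexdigits for c in compact):
        raise ValueError("key text contains non-hexadecimal characters")
    if len(compact) % 2:
        raise ValueError("odd number of hex digits: a character was dropped or added")
    return bytes.fromhex(compact)

def check_der_length(der: bytes) -> None:
    """Confirm the outer DER SEQUENCE length field matches the bytes actually present."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("does not start with a DER SEQUENCE tag (0x30)")
    first = der[1]
    if first < 0x80:                      # short form: length is in this byte
        header, body_len = 2, first
    else:                                 # long form: low 7 bits give the length-of-length
        n = first & 0x7F
        if n == 0 or len(der) < 2 + n:
            raise ValueError("malformed DER length field")
        header, body_len = 2 + n, int.from_bytes(der[2:2 + n], "big")
    if header + body_len != len(der):
        raise ValueError(
            f"truncated or padded key: expected {header + body_len} bytes, got {len(der)}")

def fingerprint(recorded: str) -> str:
    """SHA-256 of the decoded key, for comparing the recorded and the entered copy."""
    der = normalize_key(recorded)
    check_der_length(der)
    return hashlib.sha256(der).hexdigest()

# Constructed sample, not a real key: a 140-byte DER SEQUENCE wrapped into hex lines.
SAMPLE_DER = b"\x30\x81\x8c" + bytes(range(140))
_hex = SAMPLE_DER.hex().upper()
SAMPLE = "\n".join(_hex[i:i + 64] for i in range(0, len(_hex), 64))

if __name__ == "__main__":
    recorded = fingerprint(SAMPLE)                      # as copied from the peer device
    entered = fingerprint(SAMPLE.replace("\n", "  "))   # same key with different spacing
    print("match" if recorded == entered else "MISMATCH", recorded)
```

Run the same function over the text recorded on the peer device and over the output of display public-key peer on the local device; the two fingerprints must be identical.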
 
Displaying and maintaining public keys 
Execute display commands in any view.  
 
Task                            Command
Display local public keys.      display public-key local { dsa | ecdsa | rsa } public [ name key-name ]
Display peer host public keys.  display public-key peer [ brief | name publickey-name ]
 
Examples of public key management 
Example for entering a peer host public key 
Network requirements 
As shown in Figure 81, to prevent unauthorized access, Device B authenticates Device A through a digital 
signature. Before configuring authentication parameters on Device B, configure the public key of 
Device A on Device B.  
•  Configure Device B to use the RSA asymmetric key algorithm to authenticate Device A. 
•  Manually specify the host public key of Device A on Device B.