Security
72
"FD 100/320Gbps NT and FX NT IHub System
Basics, Management and OAM Guide"
3HH-11982-AAAA-TQZZA Issue: 10
4.4.3.8 begin-time
Table 80 begin-time command
Parameters entry-id — Specifies an entry that represents a key configuration to be applied to a keychain.
Values: 0 — 63 | null-key
key — Specifies a key ID which is used along with keychain-name and direction to uniquely
identify this particular key entry.
authentication-key — Specifies the authentication-key that will be used by the encryption
algorithm. The key is used to sign and authenticate a protocol packet.
The authentication-key can be any combination of letters or numbers.
Values: A key must be 160 bits for algorithm hmac-sha-1-96 and must be 128 bits
for algorithm aes-128-cmac-96. If the key given with the entry command
amounts to less than this number of bits, then it is padded internally with
zero bits up to the correct length.
hash2-key — The hash2 key. The key can be any combination of ASCII characters up to 96
characters for the hash2-key in length (encrypted). If spaces are used in the string, enclose the
entire string in quotation marks (“”).
This is useful when a user must configure the parameter, but, for security purposes, the actual
unencrypted key value is not provided.
hash2 — Specifies the key is entered in an encrypted form, using a complex encryption
algorithm. If the hash2 parameter is not used, the key is assumed to be in a non-encrypted,
clear text form.
For security, all keys are stored in encrypted form in the configuration file with the hash2
parameter specified.
algorithm algorithm — Specifies an enumerated integer that indicates the encryption
algorithm to be used by the key defined in the keychain.
Values: aes-128-cmac-96 — Specifies an algorithm based on the AES standard
hmac-sha-1-96 — Specifies an algorithm based on SHA-1.
Item Description
(2 of 2)
Item Description
Syntax begin-time [date] [hours-minutes] [UTC] [now] [forever]
Context configure>system>security>keychain>direction>bi>entry
configure>system>security>keychain>direction>uni>receive>entry
configure>system>security>keychain>direction>uni>send>entry
Description This command specifies the calendar date and time after which the key specified by the
keychain authentication key is used to sign and/or authenticate the protocol stream.
If no date and time is set, the begin-time is represented by a date and time string with all NULLs
and the key is not valid by default.
(1 of 2)
To Next Page
Loading...
