Displaying and maintaining public keys
Execute display commands in any view.
Task
Display local public keys.
Display peer public keys.
Example for entering a peer public key
Unless otherwise noted, devices in the configuration example are operating in non-FIPS mode.
Network requirements
As shown in
signature. Before configuring authentication parameters on Device B, configure the public key of Device
A on Device B.
Configure Device B to use the asymmetric key algorithm RSA to authenticate Device A.
•
Manually specify the host public key of Device A on Device B.
•
Figure 39 Network diagram
Device A
Configuration procedure
1.
Configure Device A:
# Create local RSA key pairs with default names on Device A, and use the default modulus length
1024 bits.
<DeviceA> system-view
[DeviceA] public-key local create rsa
The range of public key modulus is (512 ~ 2048).
If the key modulus is greater than 512, it will take a few minutes.
Press CTRL+C to abort.
Input the modulus length [default = 1024]:
Generating Keys...
.................++++++
......................................++++++
.....++++++++
..............++++++++
Create the key pair successfully.
Figure
39, to prevent illegal access, Device B authenticates Device A through a digital
Device B
Command
display public-key local { dsa | ecdsa | rsa } public [ name
key-name ]
display public-key peer [ brief | name publickey-name ] [ name
key-name ]
120