Configuration procedure
To create a local key pair:
Step
1.
Enter system view.
2.
Create a local key pair.
Distributing a local host public key
You must distribute a local host public key to a peer device so the peer device can use the public key to
encrypt information sent to the local device or authenticate the digital signature signed by the local
device.
To distribute a local host public key:
1.
Record the key or export the key to a file
2.
Transfer the key, for example, by using FTP or TFTP
This section covers only the first task.
The following methods are available for recording or exporting a local host public key:
Export a host public key to a file. Uuse this method if you can import public keys from a file on the
•
peer device).
Export a host public key, and then copy and paste it to a file. Use this method if you can import
•
public keys from a file on the peer device).
Display a host public key. Use this method if you must manually enter the key on the peer device).
•
Exporting a host public key to a file
Step
1.
Enter system view.
Command
system-view
•
In Release 2307 and Release
2310:
public-key local create { dsa |
ecdsa | rsa } [ name key-name ]
•
In Release 231 1P04 and later
versions:
In non-FIPS mode:
public-key local create { dsa
| ecdsa { secp192r1 |
secp256r1 } | rsa } [ name
key-name ]
In FIPS mode:
public-key local create { dsa
| ecdsa secp256r1 | rsa }
[ name key-name ]
Command
system-view
177
Remarks
N/A
By default, no local key pairs exist.
Remarks
N/A