Asymmetric Key Algorithm Applications; Configuring The Local Asymmetric Key Pair; Creating A Local Asymmetric Key Pair; Displaying Or Exporting The Local Rsa Or Dsa Host Public Key - HP A6600 Configuration Manual
Hide thumbs
Also See for A6600:
- Configuration manual (426 pages) ,
- Getting started (222 pages) ,
- Limited warranty (41 pages)
Table of Contents
Advertisement
Asymmetric key algorithm applications
Asymmetric key algorithms can be used for encryption and digital signature.
Encryption—The sender uses the public key of the intended receiver to encrypt the information to be
•
sent. Only the intended receiver, the holder of the paired private key, can decrypt the information.
This mechanism ensures confidentiality.
Digital signature—The sender "signs" the information to be sent by encrypting the information with
•
its own private key. A receiver decrypts the information with the sender's public key and, based on
whether the information can be decrypted, determines the authenticity of the information.
RSA and DSA are asymmetric key algorithms. RSA can be used for data encryption/decryption and
signature, whereas DSA can be used for signature only.
NOTE:
Symmetric key algorithms are often used to encrypt/decrypt data for security. Asymmetric key
algorithms are usually used in digital signature applications for peer identity authentication because
they involve complex calculations and are time consuming. In digital signature applications, only the
digests, which are relatively short, are encrypted.
Configuring the local asymmetric key pair
create and destroy a local asymmetric key pair and export the host public key of a local asymmetric key
pair.
Creating a local asymmetric key pair
To do...
1.
Enter system view.
2.
Create a local DSA key pair
or RSA key pairs.
The public-key local create rsa command generates two key pairs: one server key pair and one host key
pair. Each key pair comprises a public key and a private key. The public-key local create dsa command
generates only one key pair, the host key pair.
After you enter the command, you are asked to specify the modulus length. The length of an RAS or DSA
key modulus ranges from 512 to 2048 bits. To achieve higher security, specify a modulus of at least
768 bits.
NOTE:
Key pairs created with public-key local create are saved automatically and can survive system reboots.
Displaying or exporting the local RSA or DSA host public key
Display the local RSA or DSA host public key on the screen or export it to a specified file. Then,
configure the local RSA or DSA host public key on the remote end so that the remote end can use the
host public key to authenticate the local end through digital signature.
Command...
system-view
public-key local create { dsa | rsa
}
212
Remarks
—
Required.
By default, no key pair is created.
Advertisement
Table of Contents
Troubleshooting
