Configuring The Local Asymmetric Key Pair; Creating An Asymmetric Key Pair; Displaying Or Exporting The Local Rsa Or Dsa Host Public Key - HP 5120 EI Switch Series Configuration Manual
Hide thumbs
Also See for 5120 EI Switch Series:
- Lan switching configuration manual (235 pages) ,
- Installation manual (92 pages) ,
- Specification (51 pages)
Table of Contents
Advertisement
Digital signature—The sender "signs" the information to be sent by encrypting the information with
its own private key. A receiver decrypts the information with the sender's public key and, based on
whether the information can be decrypted, determines the authenticity of the information.
The Revest-Shamir-Adleman Algorithm (RSA), and the Digital Signature Algorithm (DSA) are both
asymmetric key algorithms. RSA can be used for data encryption/decryption and signature, whereas DSA
is used for signature only.
NOTE:
Symmetric key algorithms are often used to encrypt/decrypt data for security. Asymmetric key
algorithms are usually used in digital signature applications for peer identity authentication because
they involve complex calculations and are time-consuming. In digital signature applications, only the
digests, which are relatively short, are encrypted.
Configuring the local asymmetric key pair
You can create and destroy a local asymmetric key pair, and export the host public key of a local
asymmetric key pair.
Creating an asymmetric key pair
Follow these steps to create an asymmetric key pair:
To do...
Enter system view
Create a local DSA key pair, or
RSA key pairs
The public-key local create rsa command generates two key pairs: one server key pair and one host key
pair. Each key pair comprises a public key and a private key. The public-key local create dsa command
generates only one key pair, the host key pair.
After you enter the command, you are asked to specify the modulus length. The length of an RAS or DSA
key modulus ranges from 512 to 2048 bits. To achieve higher security, specify a modulus at least 768
bits.
NOTE:
Key pairs created with the public-key local create command are saved automatically and can survive
system reboots.
Displaying or exporting the local RSA or DSA host public key
You can display the local RSA or DSA host public key on the screen or export it to a specified file. Then,
you can configure the local RSA or DSA host public key on the remote end so that the remote end can use
the host public key to authenticate the local end through digital signature.
Follow these steps to display or export the local RSA or DSA host public key:
Use the command...
system-view
public-key local create { dsa | rsa
}
180
Remarks
—
Required
By default, no key pair is created.
Advertisement
Table of Contents
Troubleshooting
