Distributing A Local Host Public Key - HP MSR Series Configuration Manual
Hpe flexnetwork msr router series
Hide thumbs
Also See for MSR Series:
- Configuration manual (889 pages) ,
- Command reference manual (684 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
•
Enter an appropriate key modulus length at prompt (see
length, the higher the security, the longer the key generation time.
•
If you do not assign the key pair a name, the system assigns the default name to the key pair
and marks the key pair as default. You can also assign the default name to another key pair, but
the system does not mark the key pair as default. The key pair name must be unique among all
manually named key pairs that use the same key algorithm. If a name conflict occurs, the
system asks whether you want to overwrite the existing key pair.
•
The key pairs are automatically saved and can survive system reboots.
Table 11 A comparison of different types of asymmetric key algorithms
Type
RSA
DSA
ECDSA
To create a local key pair:
Step
1.
Enter system view.
2.
Create a local key pair.
Distributing a local host public key
You must distribute a local host public key to a peer device so the peer device can perform the
following operations:
•
Use the public key to encrypt information sent to the local device.
•
Authenticate the digital signature signed by the local device.
To distribute a local host public key, you must first export or display the key.
•
Export a host public key:
Export a host public to a file.
Export a host public key to the monitor screen, and then save it to a file.
After the key is exported to a file, transfer the file to the peer device. On the peer device, import
the key from the file.
Number of key pairs
•
In non-FIPS mode:
One host key pair, if you specify a key
pair name.
One server key pair and one host key
pair, if you do not specify a key pair
name.
Both key pairs use their default
names.
•
In FIPS mode: one host key pair.
NOTE:
Only SSH 1.5 uses the RSA server key pair.
One host key pair.
One host key pair.
Command
system-view
public-key local create { dsa | ecdsa
[ secp192r1 | secp256r1 | secp384r1 ]
| rsa } [ name key-name ]
Table
Modulus length
•
•
•
•
192 bits.
237
11). The longer the key modulus
In non-FIPS mode: 512 to 2048 bits
and defaults to 1024 bits.
Hewlett Packard Enterprise
recommends using 768 bits or
longer.
In FIPS mode: 2048 bits.
In non-FIPS mode: 512 to 2048 bits
and defaults to 1024 bits.
Hewlett Packard Enterprise
recommends using 768 bits or
longer.
In FIPS mode: 2048 bits.
Remarks
N/A
By default, no local key pairs exist.
- Quick Links:
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
