Keychain; Table 6: Keychain Mapping - Alcatel-Lucent 7450 System Management Manual

TCP Enhanced Authentication Option

Keychain

The keychain mechanism allows for the creation of keys used to authenticate protocol
communications. Each keychain entry defines the authentication attributes to be used in
authenticating protocol messages from remote peers or neighbors, and it must include at least
one key entry to be valid. Through the use of the keychain mechanism, authentication keys can
be changed without affecting the state of the associated protocol adjacencies for OSPF, IS-IS,
BGP, LDP, and RSVP-TE.
Each key within a keychain must include the following attributes for the authentication of
protocol messages:
In addition, additional attributes can be optionally specified, including:
Table 6

Table 6: Keychain Mapping

Definition
The key identifier expressed as an integer
(0...63)
Authentication algorithm to use with
key[i]
Shared secret to use with key[i].
Page 62
• key identifier
• authentication algorithm
• authentication key
• direction
• start time
• end time
• tolerance
shows the mapping between these attributes and the CLI command to set them.
config>system>security>keychain>direction>bi>entry
config>system>security>keychain>direction>uni>receive>entry
config>system>security>keychain>direction>uni>send>entry
config>system>security>keychain>direction>bi>entry with algorithm algo-
rithm parameter.
config>system>security>keychain>direction>uni>receive>entry with algo-
rithm algorithm parameter.
config>system>security>keychain>direction>uni>send>entry with algorithm
algorithm parameter.
config>system>security>keychain>direction>uni>receive>entry with shared
secret parameter
config>system>security>keychain>direction>uni>send>entry with shared
secret parameter
config>system>security>keychain>direction>bi>entry with shared secret
parameter
CLI
7450 ESS System Mangement Guide