Configuration Procedure; Distributing A Local Host Public Key - HP FlexFabric 5930 Series Security Configuration Manual

Hide thumbs Also See for FlexFabric 5930 Series:

Configuration manuals (467 pages)

Command reference manual (87 pages)

Installation manual (73 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

Table of Contents

If you do not assign the key pair a name, the system assigns the default name to the key pair and

•

marks the key pair as default. You can also assign the default name to another key pair, but the

system does not mark the key pair as default.

•

The name of a key pair must be unique among all manually named key pairs that use the same key

algorithm, but can be the same as a key pair that uses a different key algorithm. If a name conflict

occurs, the system asks whether you want to overwrite the existing key pair.

The key pairs are automatically saved and can survive system reboots.

•

Table 5 A comparison of different types of asymmetric key algorithms

Type

RSA

DSA

ECDSA

NOTE:

Only SSH 1.5 uses the RSA server key pair.

Configuration procedure

To create a local key pair:

Step

Enter system view.

Create local DSA or RSA key

pairs.

Distributing a local host public key

You must distribute a local host public key to a peer device so the peer device can use the public key to

encrypt information sent to the local device or authenticate the digital signature signed by the local

device.

To distribute a local host public key:

Record the key or export the key to a file

Transfer the key, for example, by using FTP or TFTP

This section covers only the first task.

The following are the methods available for recording or exporting a local host public key:

Number of key pairs

•

If you specify the key pair name, the

command creates a host key pair.

•

If you do not specify the key pair

name, the command creates one

server key pair and one host key pair,

and both key pairs use their default

names.

The command only creates one host key

pair.

The command only creates one host key

pair.

Command

system-view

public-key local create { dsa |

ecdsa | rsa } [ name key-name ]

Modulus length

The value range is

512 to 2048 and the

default is1024, in bits.

512 to 2048 bits

1024 by default

192 bits

HP recommendation

At least 768 bits

N/A

Remarks

N/A

By default, no local key pair exists.

Table of Contents

Configuration Procedure; Distributing A Local Host Public Key - HP FlexFabric 5930 Series Security Configuration Manual

Configuration procedure

Distributing a local host public key

Troubleshooting

Related Manuals for HP FlexFabric 5930 Series

Related Content for HP FlexFabric 5930 Series

Table of Contents