Displaying A Host Public Key; Destroying A Local Key Pair; Configuring A Peer Public Key - HP VSR1000 Security Configuration Manual
Virtual services router
Hide thumbs
Also See for VSR1000:
- Configuration manual (463 pages) ,
- High availability configuration manual (91 pages) ,
- Layer 2 - wan access command reference (50 pages)
Table of Contents
Advertisement
Step
2.
Display local host public keys
in a specific format.
Displaying a host public key
Display a host public key and copy it to an unformatted file. You must literally enter the key on the peer
device.
Perform the following tasks in any view:
Task
Display local RSA public keys.
Display local DSA public keys.
NOTE:
Do not distribute the RSA server public key serverkey (default) to a peer device.
Destroying a local key pair
To avoid key compromise, destroy the local key pair and generate a new pair after any of the following
conditions occurs:
An intrusion event has occurred.
•
The storage media of the device is replaced.
•
•
The local certificate has expired. For more information about local certificates, see
PKI."
To destroy a local key pair:
Step
1.
Enter system view.
Destroy a local key pair.
2.
Configuring a peer public key
To encrypt information sent to a peer device or authenticate the digital signature of the peer device, you
must configure the peer device's public key on the local device.
Command
•
Display RSA host public keys:
In non-FIPS mode:
public-key local export rsa [ name key-name ] { openssh | ssh1 |
ssh2 }
In FIPS mode:
public-key local export rsa [ name key-name ] { openssh | ssh2 }
•
Display DSA host public keys:
public-key local export dsa [ name key-name ] { openssh | ssh2 }
Command
display public-key local rsa public [ name key-name ]
display public-key local dsa public [ name key-name ]
Command
system-view
public-key local destroy { dsa |
rsa } [ name key-name ]
126
"Configuring
Remarks
N/A
N/A
- Quick Links:
- Configuring the Device as an Ssh...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
