Displaying Or Exporting The Local Rsa Or Dsa Host Public Key; Destroying An Asymmetric Key Pair - HP 5120 SI Series Security Configuration Manual


In non-FIPS mode, the DSA and RSA key modulus lengths are in the range of 512 to 2048 bits, and default to 1024 bits.
In FIPS mode, the DSA key modulus length is in the range of 1024 to 2048 bits, and defaults to 1024 bits. The RSA key modulus length must be 2048 bits.
When using the command to create DSA or RSA key pairs, you will be prompted to provide the length of the key modulus. To achieve higher security, specify the modulus length to be at least 768 bits.

NOTE:
Key pairs created with the public-key local create command are saved automatically and can survive system reboots.

Displaying or exporting the local RSA or DSA host public key

Display the local RSA or DSA host public key on the screen or export it to a specified file. Then, you can
configure the local RSA or DSA host public key on the remote end so that the remote end can use the host
public key to authenticate the local end through digital signature.
Follow these steps to display or export the local RSA or DSA host public key:

To do...: Enter system view
Use the command...: system-view

To do...: Display the local RSA host public key on the screen in a specified format, or export it to a specified file
Use the command...:
  In non-FIPS mode: public-key local export rsa { openssh | ssh1 | ssh2 } [ filename ]
  In FIPS mode: public-key local export rsa { openssh | ssh2 } [ filename ]
Remarks: Select a command according to the type of the key to be exported.

To do...: Display the local DSA host public key on the screen in a specified format or export it to a specified file
Use the command...: public-key local export dsa { openssh | ssh2 } [ filename ]
Remarks: Select a command according to the type of the key to be exported.

Destroying an asymmetric key pair

You may need to destroy an asymmetric key pair and generate a new pair when an intrusion event has occurred, the storage media of the device is replaced, the asymmetric key has been used for a long time, or the certificate from the Certificate Authority (CA) expires. To check the certificate status, use the display pki certificate command. For more information about the CA and certificate, see the chapter "PKI configuration."
Follow these steps to destroy an asymmetric key pair:

To do...: Enter system view
Use the command...: system-view

To do...: Destroy an asymmetric key pair
Use the command...: public-key local destroy { dsa | rsa }
Remarks: Required
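
Before an exported host public key is configured on the remote end, or after a key pair has been destroyed and regenerated, the exported file can be checked for key type, modulus length and fingerprint. The following is an added example, not taken from the manual: it assumes the file was written with the openssh format option and holds a standard one-line OpenSSH public key, and the function names, the 2048-bit default threshold and the sample key are assumptions constructed for illustration.

```python
import base64
import hashlib
import struct

def _read_fields(blob):
    """Split an SSH wire-format key blob into its length-prefixed fields."""
    fields, pos = [], 0
    while pos < len(blob):
        if pos + 4 > len(blob):
            raise ValueError("truncated key blob")
        (n,) = struct.unpack_from(">I", blob, pos)
        pos += 4 + n
        if pos > len(blob):
            raise ValueError("truncated key blob")
        fields.append(blob[pos - n:pos])
    return fields

def inspect_host_key(line, min_bits=2048):
    """Return (key type, modulus bits, SHA-256 fingerprint, meets min_bits)."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("not an OpenSSH public key line")
    blob = base64.b64decode(parts[1], validate=True)
    fields = _read_fields(blob)
    key_type = fields[0].decode("ascii")
    if key_type != parts[0]:
        raise ValueError("key type label does not match key blob")
    if key_type == "ssh-rsa" and len(fields) == 3:    # fields: type, e, n
        modulus = fields[2]
    elif key_type == "ssh-dss" and len(fields) == 5:  # fields: type, p, q, g, y
        modulus = fields[1]
    else:
        raise ValueError("unsupported or malformed key: " + key_type)
    bits = int.from_bytes(modulus, "big").bit_length()
    fp = "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return key_type, bits, fp, bits >= min_bits

def _mpint(value):  # SSH mpint encoding, used only to build the sample below
    raw = value.to_bytes(value.bit_length() // 8 + 1, "big")
    return struct.pack(">I", len(raw)) + raw

def make_sample_rsa_line(bits):
    """Build a constructed ssh-rsa line of the given modulus size (not a usable key)."""
    n = (1 << (bits - 1)) | 1
    blob = struct.pack(">I", 7) + b"ssh-rsa" + _mpint(65537) + _mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed-sample"

if __name__ == "__main__":
    print(inspect_host_key(make_sample_rsa_line(1024)))
```

Comparing the fingerprint computed from the exported file with the one computed on the remote end confirms that the key was not altered in transit.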
