Task
Configuring a local
asymmetric key pair on the
local device
Specifying the peer public key on the local device
Configuring a local asymmetric key pair on the
local device
Creating a local asymmetric key pair
Configuration guidelines
When you create an asymmetric key pair on the local device, follow these guidelines:
Create an asymmetric key pair of the proper type to work with a target application.
•
After you enter the command, specify a proper modulus length for the key pair. The following table
•
compares the three types of key pairs.
Table 12 A comparison between different types of asymmetric key pairs
Type
RSA
DSA
IMPORTANT:
Only SSH1.5 uses the RSA server key pair.
Configuration procedure
Follow these steps to create a local asymmetric key pair:
To do...
Enter system view
Create a local asymmetric key pair
NOTE:
Key pairs created with the public-key local create command are saved automatically and can survive
system reboots.
Creating a local asymmetric key pair
Displaying or exporting the local host public key
Destroying a local asymmetric key pair
Number of key pairs
Two key pairs, one server key pair and one
host key par. Each key pair comprises a
public key and a private key
One key pair, the host key pair
Use the command...
system-view
public-key local create { dsa | rsa }
Modulus length
512 to 2048 bits
1024 by default
231
Remarks
Required
Optional
Optional
Optional
Remarks
To achieve high
security, specify at least
768 bits.
Remarks
—
Required
By default, no asymmetric key pair
is created.