Displaying And Maintaining Keychain; Keychain Configuration Example; Network Requirements; Configuration Procedure - HPE FlexNetwork 7500 Series Security Configuration Manual

Displaying and maintaining keychain

Execute display commands in any view.
Task
Display keychain information.

Keychain configuration example

Network requirements

As shown in
and use a keychain to authenticate packets between the switches. Configure key 1 and key 2 for the
keychain and make sure key 2 is used immediately when key 1 expires.
Figure 138 Network diagram

Configuration procedure

Configuring Switch A
# Configure IP addresses for interfaces. (Details not shown.)
# Configure OSPF.
<SwitchA> system-view
[SwitchA] ospf 1 router-id 1.1.1.1
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# Create a keychain named abc, and specify the absolute time mode for it.
[SwitchA] keychain abc mode absolute
# Create key 1 for keychain abc, specify an authentication algorithm, and configure a key string and
the sending and receiving lifetimes for the key.
[SwitchA-keychain-abc] key 1
[SwitchA-keychain-abc-key-1] authentication-algorithm hmac-sha-256
[SwitchA-keychain-abc-key-1] key-string plain 123456
[SwitchA-keychain-abc-key-1] send-lifetime utc 10:00:00 2015/02/06 to 11:00:00 2015/02/06
[SwitchA-keychain-abc-key-1] accept-lifetime utc 10:00:00 2015/02/06 to 11:00:00
2015/02/06
[SwitchA-keychain-abc-key-1] quit
# Create key 2 for keychain abc, specify an authentication algorithm, and configure a key string and
the sending and receiving lifetimes for the key.
[SwitchA-keychain-abc] key 2
Command
display keychain [ name keychain-name [ key key-id ] ]
Figure 138, establish an OSPF neighbor relationship between Switch A and Switch B,
441