Table of Contents
Advertisement
Key Management System
Configuring Key Chain Management
12-4
Figure 12-1. Adding a New Key Chain Entry
After you add an entry, you can assign key(s) to it for use by a KMS-enabled
protocol.
Assigning a Time-Independent Key to a Chain
A time-independent key has no Accept or Send time constraints. It is valid
from boot-up until you change it. If you use a time-independent key, then it is
the only key needed for a key chain entry.
Syntax: [no] key-chain < chain_name > key < key_id >
[ key-string < key_str > ]
[ accept-lifetime infinite ] [ send-lifetime infinite ]
show key-chain < chain_name >
Generates or deletes a key in the key chain entry
< chain_name >. Using the optional no form of the
command deletes the key. The < key_id > is any
number from 0-255.
This option lets you specify the key value for the
protocol using the key. The < key_str > can be any
string of up to 14 characters in length.
accept-lifetime infinite: Allows packets with this key to
be accepted at any time from boot-up until the key
is removed.
send-lifetime infinite: Allows the switch to send this
key as authorization, from boot-up until the key is
removed.
Displays the detail information about the keys used
in the key chain named < chain_name >.
Add new key chain
Entry "Procurve1".
Display key chain
entries.
Advertisement
Table of Contents
