Assigning A Time-Independent Key To A Chain - HP procurve 5300xl Series Access Security Manual
Hide thumbs
Also See for procurve 5300xl Series:
- Management manual (664 pages) ,
- Specification sheet (12 pages) ,
- Management and configuration manual (508 pages)
Table of Contents
Advertisement
Key Management System
Configuring Key Chain Management
11-4
Figure 11-1. Adding a New Key Chain Entry
After you add an entry, you can assign key(s) to it for use by a KMS-enabled
protocol.
Assigning a Time-Independent Key to a Chain
A time-independent key has no Accept or Send time constraints. It is valid
from boot-up until you change it. If you use a time-independent key, then it is
the only key needed for a key chain entry.
Syntax: [no] key-chain < CHAIN_NAME > key < KEY_ID >
[ key-string < KEY_STR > ]
[ accept-lifetime infinite ] [ send-lifetime infinite ]
show key-chain < CHAIN_NAME >
For example, to generate a new time-independent key for the Procurve1 key
chain entry:
Generates or deletes a key in the key chain entry
CHAIN_NAME. Using the optional no form of the
command deletes the key. The KEY_ID is any
number from 0-255.
This option lets you specify the key value for the
protocol using the key. The KEY_STR can be any
string of up to 14 characters in length.
accept-lifetime infinite: Allows packets with this key to
be accepted at any time from boot-up until the key
is removed.
send-lifetime infinite: Allows the switch to send this
key as authorization, from boot-up until the key is
removed.
Displays the detail information about the keys used
in the key chain named CHAIN_NAME.
Add new key chain
Entry "Procurve1".
Display key chain
entries.
Advertisement
Table of Contents
