Allied Telesis AT-S60 User Manual

Chapter 22: Encryption Commands

Description

This command creates an encryption key and stores the key information
in the switch’s file system. This command can also be used to import or
export RSA keys.

The KEY parameter specifies the identification number for the key.

The TYPE parameter specifies the type of key to be created. The only
option is RSA.

The LENGTH parameter specifies the bit length of the key. To configure
host and server keys for SSH, there are guidelines regarding the length
of the keys. The bit size of the SSH host and server keys must differ by
128 bits. The recommended bit size for a server key is 768 bits. The
minimum bit size of a server key is 512 bits. For the host key, the
recommended bit size is 1024 bits.

The DESCRIPTION parameter specifies a user-defined description of the
web server the key is used to protect.

If the FILE parameter is specified, the RSA key is imported from or
exported to the specified file. If the FILE parameter is not specified, then
a random RSA key is generated.

The FILE parameter specifies the name of a key file. RSA public keys may be
imported from or exported to a file in either Secure Shell format or in
hexadecimal format. If the file exists but the specified RSA key does not
exist, then the RSA key is imported from the file. If the specified RSA key
exists but the file does not exist, the RSA key is exported to the file. In
addition, the FORMAT parameter must be specified when importing or
exporting keys.

The FORMAT parameter specifies the format of the .key file when
importing or exporting an RSA key. Specify SSH when you are using the
Secure Shell feature. Specify the HEX format when transferring keys
between devices. The default is HEX. If FORMAT is specified, the FILE
parameter must also be present.

Examples

To create a new certificate with a new key id of 300, the type as RSA, a
length of 512 bits, and a description of serverkey17 in HEX format, enter:

create enco key=300 type=rsa length=512
description=serverkey17 format=hex
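
The parameter rules in the Description can be checked before a command is sent to the switch. The following Python sketch is an added example, not part of the manual or of the AT-S60 software; the function names and the file name used with it are hypothetical. It reads "differ by 128 bits" as "differ by at least 128 bits", an assumption made because the recommended sizes of 768 and 1024 bits differ by 256.

```python
# Added example: checks a CREATE ENCO KEY command line against the rules
# stated in the Description. All function names here are hypothetical.
import shlex

def parse_params(command):
    """Split 'create enco key=300 type=rsa ...' into a lowercase-keyed dict."""
    tokens = shlex.split(command)
    if [t.lower() for t in tokens[:2]] != ["create", "enco"]:
        raise ValueError("not a CREATE ENCO command")
    return {k.lower(): v for k, v in (t.split("=", 1) for t in tokens[2:])}

def check_command(command):
    """Return a list of rule violations (empty when none are found)."""
    p = parse_params(command)
    problems = []
    if not p.get("key", "").isdigit():
        problems.append("KEY must be an identification number")
    if p.get("type", "").lower() != "rsa":
        problems.append("TYPE: the only option is RSA")
    if "format" in p and "file" not in p:
        problems.append("FORMAT is specified, so FILE must also be present")
    if "file" in p and "format" not in p:
        problems.append("FORMAT must be specified when importing or exporting")
    if "format" in p and p["format"].lower() not in ("ssh", "hex"):
        problems.append("FORMAT must be SSH or HEX")
    return problems

def file_action(params, key_exists, file_exists):
    """What the Description says happens for a given key/file state."""
    if "file" not in params:
        return "generate"      # no FILE: a random RSA key is generated
    if file_exists and not key_exists:
        return "import"
    if key_exists and not file_exists:
        return "export"
    return "unspecified"       # the page does not describe these two cases

def check_ssh_pair(host_bits, server_bits):
    """SSH guideline: server key >= 512 bits; sizes differ by >= 128 bits
    (the 'at least' reading is an assumption, see the lead-in)."""
    problems = []
    if server_bits < 512:
        problems.append("server key is below the 512-bit minimum")
    if abs(host_bits - server_bits) < 128:
        problems.append("host and server key sizes must differ by 128 bits")
    return problems
```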