Destroying a local key pair, Displaying a host public key – H3C Technologies H3C S12500-X Series Switches User Manual

Displaying a host public key in a specific format and saving it to a file

After you display a host public key in a specific format, save the key to a file and transfer the file to the
peer device.
To display a local host public key in a specific format:

Step                                  Command

1. Enter system view.                 system-view

2. Display local host public keys     Display RSA host public keys:
   in a specific format.              public-key local export rsa [ name key-name ] { openssh | ssh1 | ssh2 }

                                      Display DSA host public keys:
                                      public-key local export dsa [ name key-name ] { openssh | ssh2 }
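
The following is an added example, not part of the H3C manual: a check to run on the saved file before and after transferring it to the peer, so both sides can compare the key type, key size and SHA256 fingerprint. It assumes the openssh export is the standard one-line "<type> <base64> [comment]" form; the function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import struct


def _field(blob, off):
    """Read one length-prefixed field (RFC 4253 string/mpint)."""
    if off + 4 > len(blob):
        raise ValueError("truncated length prefix")
    (n,) = struct.unpack(">I", blob[off:off + 4])
    if off + 4 + n > len(blob):
        raise ValueError("truncated field")
    return blob[off + 4:off + 4 + n], off + 4 + n


def inspect_openssh_pubkey(line):
    """Return type, key size and SHA256 fingerprint of a '<type> <base64>' line."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    declared, blob = parts[0], base64.b64decode(parts[1], validate=True)
    fields, off = [], 0
    while off < len(blob):
        value, off = _field(blob, off)
        fields.append(value)
    if not fields or fields[0] != declared.encode():
        raise ValueError("key type inside the blob differs from the text prefix")
    # Field layout: ssh-rsa is (type, e, n); ssh-dss is (type, p, q, g, y).
    layout = {"ssh-rsa": (3, 2), "ssh-dss": (5, 1)}
    if declared not in layout:
        raise ValueError("unsupported key type: " + declared)
    count, size_idx = layout[declared]
    if len(fields) != count:
        raise ValueError("unexpected number of fields")
    bits = int.from_bytes(fields[size_idx], "big").bit_length()
    digest = hashlib.sha256(blob).digest()
    fingerprint = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return {"type": declared, "bits": bits, "fingerprint": fingerprint}


def constructed_sample_line():
    """Constructed ssh-rsa line (not a real key): e = 65537, n = 2**2047 + 1."""
    def pack(b):
        return struct.pack(">I", len(b)) + b
    e = (65537).to_bytes(3, "big")
    n = b"\x00" + ((1 << 2047) + 1).to_bytes(256, "big")  # mpint sign byte
    blob = pack(b"ssh-rsa") + pack(e) + pack(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed-sample"
```

A fingerprint that differs between the exporting device and the peer means the file was altered or truncated in transit and must not be imported.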

Displaying a host public key

Display a host public key and copy it to an unformatted file. You must literally enter the key on the peer device.
Perform the following tasks in any view:

Task                                  Command

Display local RSA public keys.        display public-key local rsa public [ name key-name ]

Display local DSA public keys.        display public-key local dsa public [ name key-name ]

NOTE:

Do not distribute the RSA server public key serverkey (default) to a peer device.

Destroying a local key pair

To avoid key compromise, destroy a local key pair and generate a new pair after an intrusion event has occurred, the storage media of the device is replaced, the key pair has been used for a long time, or the local certificate has expired.
To destroy a local key pair:

Step                          Command                                                       Remarks

1. Enter system view.         system-view                                                   N/A

2. Destroy a local key pair.  public-key local destroy { dsa | ecdsa | rsa } [ name key-name ]  N/A