Configuring a peer public key, Entering a peer public key – H3C Technologies H3C S12500-X Series Switches User Manual

Page 134

122

90B

Configuring a peer public key

To encrypt information sent to a peer device or authenticate the digital signature of the peer device, you
must configure the public key of the peer device on the local device.

Table 9 Peer public key configuration methods

Method Prerequisites

Remarks

Import the peer public key
from a public key file

(recommended)

Save the host public key in a file
on the peer device.

Get the file from the peer device,

for example, by using FTP or

TFTP in binary mode.

The system automatically converts the
imported public key to a string in the

Public Key Cryptography Standards
(PKCS) format.

Manually enter (type or copy)
the peer public key

Display and record the public key on
the peer device.

IMPORTANT:

If the peer device is an H3C device, use
the display public-key local public

command to display the public key.

The format of the public key displayed
in any other way might be incorrect.

•

If the key is not in the correct
format, the system discards the key

and displays an error message. If

the key is valid, for example, the
key displayed by the display

public-key local public command,

the system saves the key.

•

Always use the first method if you

are not sure of the format of the

recorded public key.

For information about displaying or exporting host public keys, see "

830H

Distributing a local host public key

227B

Importing a peer host public key from a public key file

Step Command

Remarks

Enter system view.

system-view

N/A

Import a peer host public key

from a public key file.

public-key peer keyname import sshkey
filename

By default, no peer host
public key exists.

228B

Entering a peer public key

Step Command

Remarks

Enter system view.

system-view

N/A

Specify a name for the peer

public key and enter public
key view.

public-key peer keyname

By default, no peer host public key exists.

Type or copy the key.

N/A

You can use spaces and carriage returns,
but the system does not save them.

Return to system view.

peer-public-key end

When you exit public key view, the

system automatically saves the public
key.

This manual is related to the following products:

H3C S5560 Series Switches H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C WX3000 Series Unified Switches H3C LSWM1WCM10 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C S9800 Series Switches H3C S5130 Series Switches H3C S5120 Series Switches