Configuration file encryption, Modes in saving the configuration – H3C Technologies H3C WX6000 Series Access Controllers User Manual
Page 16
5-6
Task
Remarks
Optional
Modes in Saving the Configuration
Required
Configuration File Encryption
Support for this feature depends on the AC model.
This feature enables you to encrypt a configuration file before saving it (using the save command). If
you want to read the encrypted configuration file, you must decrypt it with a legal key. Two kinds of keys
are supported to encrypt a configuration file, and you can select either of them according to your
application environment:
z
Private key: A configuration file encrypted by a private key can be decrypted and recognized only
by the local device.
z
Public key: A configuration file encrypted by a public key can be decrypted and recognized by all
devices supporting this feature.
Follow these steps to enable configuration file encryption:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enable configuration
file encryption
configuration encrypt
{ private-key | public-key }
Optional
Disabled by default. The current valid configurations
are directly saved to the configuration file.
For the device that supports this feature, you can use the display saved-configuration command
instead of the more command to view the encrypted configuration file, because the latter cannot
decrypt the file. Otherwise, you will be prompted for operation failure or garbled characters.
Modes in Saving the Configuration
You can save the configuration in either of the following two modes:
z
Fast saving mode: Fast saving mode is implemented by using the save command without
providing the safely keyword. The mode saves the file quickly but is likely to lose the existing
configuration file if the device reboots or the power fails during the process.