beautypg.com

Destroying an asymmetric key pair, Configuring the public key of a peer – H3C Technologies H3C SecPath F1000-E User Manual

Page 111

background image

3

Displaying or Exporting the Local RSA or DSA Host Public Key

Display the local RSA or DSA host public key on the screen or export it to a specified file. Then, you can

configure the local RSA or DSA host public key on the remote end so that the remote end can use the host

public key to authenticate the local end through digital signature.
Follow these steps to display or export the local RSA or DSA host public key:

To do…

Use the command…

Remarks

Enter system view

system-view

Display the local RSA host public

key on the screen in a specified
format, or export it to a specified

file

public-key local export rsa
{ openssh | ssh1 | ssh2 }

[ filename ]

Display the local DSA host public
key on the screen in a specified

format or export it to a specified

file

public-key local export dsa
{ openssh | ssh2 } [ filename ]

Select a command according to

the type of the key to be exported.

Destroying an Asymmetric Key Pair

An asymmetric key pair may expire or leak. In this case, destroy it and generate a new pair.
Follow these steps to destroy an asymmetric key pair:

To do…

Use the command…

Remarks

Enter system view

system-view

Destroy an asymmetric key pair

public-key local destroy
{ dsa | rsa }

Required

Configuring the Public Key of a Peer

To enable your local host to authenticate a remote host, configure the RSA or DSA public key of that peer

on the local host by following either of the methods:

Configure it manually: View the peer's host public key by the display command or other means on

the remote host and record the public key. On the local host, input or copy the key data in public
key code view.

Import it from a public key file: Obtain a copy of the peer's public key file through FTP or TFTP (in
binary mode) first, and then import the public key from the file. During the import process, the

system automatically converts the public key to a string in PKCS (Public Key Cryptography

Standards) format.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: