beautypg.com

Displaying public keys – H3C Technologies H3C SecPath F1000-E User Manual

Page 341

background image

329

Configure it manually—If the peer device is an H3C device, you can use the display public-key

local public command to view and record its public key. On the local host, input or copy the key
data in public key code view. A public key displayed by other methods may not in the PKCS format,

and the system cannot save the format-incompliant key.

NOTE:

The firewall supports up to 20 peer pubic keys.

To import a peer host public key from the public key file:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Import the peer host public key
from the public key file.

public-key peer keyname import
sshkey filename

N/A

To configure a peer public key manually:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Specify a name for a peer
public key and enter public

key view.

public-key peer keyname N/A

3.

Enter public key code view.

public-key-code begin

N/A

4.

Configure the peer server or
host public key.

Enter or copy the key

Spaces and carriage returns are
allowed between characters.

5.

Return to public key view.

public-key-code end

When you exit public key code
view, the system automatically

saves the public key.

6.

Return to system view.

peer-public-key end

N/A

NOTE:

Do not configure a peer RSA server public key for identity authentication in SSH applications.
Authentication in SSH applications uses the RSA host public key. For more information about SSH, see

System Management and Maintenance Configuration Guide.

Displaying public keys

Task Command

Remarks

Display the local public keys

display public-key local { dsa | rsa } public [ |
{ begin | exclude | include }
regular-expression ]

Available in any view

Display the peer public keys.

display public-key peer [ brief | name
publickey-name ] [ | { begin | exclude |

include } regular-expression ]

Available in any view