Public key configuration examples, Configuring a peer public key manually, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual
Page 342: Configuration procedure
330
Public key configuration examples
NOTE:
In this configuration example, either Device A or Device B is the SecPath firewall.
Configuring a peer public key manually
Network requirements
As shown in
, to prevent illegal access, Device B authenticates Device A through a digital
signature. Before configuring authentication parameters on Device B, configure the public key of Device
A on Device B.
•
Configure Device B to use the asymmetric key algorithm of RSA for identity authentication of Device
A.
•
Manually configure the host public key of Device A on Device B.
Figure 212 Network diagram
Configuration procedure
1.
Configure Device A:
# Create RSA key pairs on Device A.
[DeviceA] public-key local create rsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++
++++++
++++++++
++++++++
# Display the public keys of the created RSA key pairs.
[DeviceA] display public-key local rsa public
=====================================================
Time of Key pair created: 09:50:06 2007/08/07
Key name: HOST_KEY
Key type: RSA Encryption Key
=====================================================
Key code:
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS