Creating a local asymmetric key pair, Displaying or exporting the local host public key – H3C Technologies H3C SecBlade LB Cards User Manual
Page 111
100
Task Remarks
Configuring a local
asymmetric key pair on the
local device
Creating a local asymmetric key pair
Choose one or more
tasks.
Displaying or exporting the local host public key
Destroying a local asymmetric key pair
Specifying the peer public key on the local device
Creating a local asymmetric key pair
When you create an asymmetric key pair on the local device, follow these guidelines:
•
Create an asymmetric key pair of the proper type to work with a target application.
•
This command creates two key pairs, one server key pair and one host key par. Each key pair
comprises a public key and a private key. The modulus length of the key ranges from 512 to 2048
bits, and defaults to 1024 bits. To achieve high security, specify at least 768 bits.
IMPORTANT:
Only SSH1.5 uses the RSA server key pair.
To create a local asymmetric key pair:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Create a local
asymmetric key pair.
public-key local create rsa
By default, no asymmetric key pair is created.
Key pairs created with this command are saved
automatically and can survive system reboots.
Displaying or exporting the local host public key
In some applications, such as SSH, to allow your local device to be authenticated by a peer device
through digital signature, you must display or export the local host public key, which will then be
specified on the peer device.
To display or export the local host public key, choose one of the following methods:
•
Displaying and recording the host public key information
•
Displaying the host public key in a specific format and saving it to a file
•
Exporting the host public key in a specific format to a file
If your local device functions to authenticate the peer device, you must specify the peer public key on the
local device. For more information, see "