beautypg.com

Specifying the peer public key on the local device – H3C Technologies H3C SecBlade LB Cards User Manual

Page 113

background image

102

time, or the local certificate expires. For more information about the local certificate, see "Configuring

PKI."
To destroy a local asymmetric key pair:

Step Command

1.

Enter system view.

system-view

2.

Destroy a local asymmetric key pair.

public-key local destroy rsa

Specifying the peer public key on the local device

In SSH, to enable the local device to authenticate a peer device, specify the peer public key on the local

device. The device supports up to 20 peer public keys.
For information about displaying or exporting the host public key, see "

Displaying or exporting the local

host public key

."

To specify the peer public key on the local device:

Method Prerequisites

Remarks

Import the public key
from a public key file
(recommended)

1.

Save the host public key of the intended
asymmetric key pair in a file.

2.

Transfer a copy of the file through FTP
or TFTP in binary mode to the local

device.

During the import process, the system
automatically converts the public key to

a string in Public Key Cryptography

Standards (PKCS) format.

Manually configure
the public key—input
or copy the key data

Display and record the public key of the

intended asymmetric key pair.

If the peer device is an H3C device, use

the display public-key local public

command to view and record its public
key. A public key displayed by other

methods for the H3C device may not be

in a correct format.

The recorded public key must be in

the correct format, or the manual
configuration of a

format-incompliant public key will

fail.

Always use the first method if you

are not sure about the format of the

recorded public key.

To import the host public key from a public key file to the local device:

Step Command

1.

Enter system view.

system-view

2.

Import the host public key from the public key file. public-key peer keyname import sshkey filename

To manually configure the peer public key on the local device:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Specify a name for the public
key and enter public key view. public-key peer keyname N/A

3.

Enter public key code view.

public-key-code begin

N/A

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: