Displaying public keys, Public key configuration examples, Network requirements – H3C Technologies H3C SecBlade LB Cards User Manual

103

Step Command

Remarks

4.

Configure the peer public key. Type or copy the key

Spaces and carriage returns are allowed
between characters.

5.

Return to public key view.

public-key-code end

When you exit public key code view, the
system automatically saves the public key.

6.

Return to system view.

peer-public-key end

N/A

Displaying public keys

Task Command

Remarks

Display the local public keys

display public-key local rsa public [ | { begin
| exclude | include } regular-expression ]

Available in any view.

Display the specified or all peer
public keys on the local device.

display public-key peer [ brief | name
publickey-name ] [ | { begin | exclude |

include } regular-expression ]

Available in any view.

Public key configuration examples

Manually specifying the peer public key on the local device

In this example, Device A is the LB product.

Network requirements

As shown in

Figure 37

, to prevent illegal access, Device B (the local device) authenticates Device A (the

peer device) through a digital signature. Before configuring authentication parameters on Device B,
configure the public key of Device A on Device B.

•

Configure Device B to use the asymmetric key algorithm of RSA to authenticate Device A.

•

Manually specify the host public key of Device A's public key pair on Device B.

Figure 37 Network diagram

Configuration procedure

1.

Configure Device A:
# Create local RSA key pairs on Device A, setting the modulus length to the default, 1024 bits.

system-view

[DeviceA] public-key local create rsa

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

It will take a few minutes.