HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 160
Destroying a local asymmetric key pair, Specifying the peer public key on the local device
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 160 highlights
Destroying a local asymmetric key pair You may need to destroy a local asymmetric key pair and generate a new pair when an intrusion event has occurred, the storage media of the device is replaced, the asymmetric key has been used for a long time, or the local certificate expires. For more information about the local certificate, see "Configuring PKI." To destroy a local asymmetric key pair: Step 1. Enter system view. 2. Destroy a local asymmetric key pair. Command system-view public-key local destroy { dsa | rsa } Specifying the peer public key on the local device In some applications, such as SSH, to enable the local device to authenticate a peer device, specify the peer public key on the local device. The device supports up to 20 peer public keys. For information about displaying or exporting the host public key, see "Displaying or exporting the local host public key." Take one of the following methods to specify the peer public key on the local device: Method Import the public key from a public key file (recommended) Manually configure the public key-enter or copy the key data Prerequisites 3. Save the host public key of the intended asymmetric key pair in a file. 4. Transfer a copy of the file through FTP or TFTP in binary mode to the local device. • Display and record the public key of the intended asymmetric key pair. • If the peer device is an HP device, use the display public-key local public command to view and record its public key. A public key displayed by other methods for the HP device may not be in a correct format. Remarks During the import process, the system automatically converts the public key to a string in Public Key Cryptography Standards (PKCS) format. • The recorded public key must be in the correct format, or the manual configuration of a format-incompliant public key will fail. • Always use the first method if you are not sure about the format of the recorded public key. To import the host public key from a public key file to the local device: Step Command 1. Enter system view. system-view 2. Import the host public key from the public key file. public-key peer keyname import sshkey filename To manually configure the peer public key on the local device: 150