HP 6125XLG R2306-HP 6125XLG Blade Switch Security Configuration Guide - Page 128
Configuring a peer public key, Importing a peer host public key from a public key file
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 128 highlights
Configuring a peer public key To encrypt information sent to a peer device or authenticate the digital signature of the peer device, you must configure the public key of the peer device on the local device. Table 8 Peer public key configuration methods Method Import the peer public key from a public key file (recommended). Manually enter (type or copy) the peer public key. Prerequisites 1. Save the host public key in a file on the peer device. 2. Get the file from the peer device, for example, by using FTP or TFTP in binary mode. Display and record the public key on the peer device. IMPORTANT: If the peer device is an HP device, use the display public-key local public command to display the public key. The format of the public key displayed in any other way might be incorrect. Remarks The system automatically converts the imported public key to a string in the Public Key Cryptography Standards (PKCS) format. • If the key is not in the correct format, the system discards the key and displays an error message. If the key is valid, for example, the key displayed by the display public-key local public command, the system saves the key. • Always use the first method if you are not sure of the format of the recorded public key. For information about displaying or exporting host public keys, see "Distributing a local host public key." HP recommends that you configure no more than 20 peer public keys on the device. Importing a peer host public key from a public key file Step 1. Enter system view. 2. Import a peer host public key from a public key file. Command system-view public-key peer keyname import sshkey filename Remarks N/A By default, no peer host public key exists. Entering a peer public key Step 1. Enter system view. 2. Specify a name for the peer public key and enter public key view. Command system-view public-key peer keyname 3. Type or copy the key. N/A 4. Return to system view. peer-public-key end Remarks N/A By default, no peer host public key exists. You can use spaces and carriage returns, but the system does not save them. When you exit public key view, the system automatically saves the public key. 119