Key Management System
Configuring Key Chain Management
Syntax: [no] key-chain < chain_name >

    Generates or deletes a key chain entry. Using the optional no form
    of the command deletes the key chain. The < chain_name > parameter
    can include up to 32 characters.

show key-chain

    Displays the current key chains on the switch and their overall
    status.

For example, to generate a new key chain entry:

    HP Switch(config)# key-chain HP Switch1
    HP Switch(config)# show key-chain

     Key Chains

      Chain Name           Keys          Active       Expired
      -------------------  ------------  -----------  --------
      HP Switch1           0             0            0

The first command adds the new key chain entry "HP Switch1". The second
command displays the key chain entries.

Figure 16-1. Adding a New Key Chain Entry

After you add an entry, you can assign key(s) to it for use by a KMS-enabled
protocol.

Assigning a Time-Independent Key to a Chain

A time-independent key has no Accept or Send time constraints. It is valid
from boot-up until you change it. If you use a time-independent key, then it is
the only key needed for a key chain entry.

Syntax: [no] key-chain < chain_name > key < key_id >

    Generates or deletes a key in the key chain entry < chain_name >.
    Using the optional no form of the command deletes the key. The
    < key_id > is any number from 0-255.

    [ key-string < key_str > ]