16-5
Key Management System
Configuring Key Chain Management
Assigning Time-Dependent Keys to a Chain
A time-dependent key has Accept or Send time constraints. It is valid only
during the times that are defined for the key . If a time-dependent key is used,
there is usually more than one key in the key chain entry.
Syntax: [no] key-chain < chain_name > key < key_id >
Generates or deletes a key in the key chain entry
< chain_name >. Using the optional no form of the
command deletes the key. The < key_id > is any
number from 0-255.
[ key-string < key_str > ]
This option specifies the key value referenced by the
protocol using the key. The < key_str > can be any
string up to 14 characters in length.
accept-lifetime < mm/dd/yy [ yy ] hh:mm:ss | now >
Specifies the start date and time of the valid period
in which the switch can use this key to authenticate
inbound packets.
duration < mm/dd/yy [ yy ] hh:mm:ss | seconds >
Specifies the time period during which the switch
can use this key to authenticate inbound packets.
Duration is either an end date and time or the
number of seconds to allow after the start date and
time (which is the accept-lifetime setting).
send-lifetime <mm/dd/yy[yy] hh:mm:ss | now>
Specifies the start date and time of the valid period
in which the switch can transmit this key as
authentication for outbound packets.
duration < mm/dd/yy[yy] hh:mm:ss | seconds >
Specifies the time period during which the switch
can use this key to authenticate outbound packets.
Duration is either an end date and time or the
number of seconds to allow after the start date and
time (which is the accept-lifetime setting).
show key-chain < chain_name >
Displays the detail information about the keys used
in the key chain named < chain_name >.
To Next Page
Loading...
Need help?
General