Step Command
2. Export a local host public key.
• Export an RSA host public key:
○ In non-FIPS mode:
public-key local export rsa [ name key-name ] { openssh | ssh1 | ssh2 } [ filename ]
○ In FIPS mode:
public-key local export rsa [ name key-name ] { openssh | ssh2 } [ filename ]
• Export an ECDSA host public key:
public-key local export ecdsa [ name key-name ] { openssh | ssh2 } [ filename ]
• Export a DSA host public key:
public-key local export dsa [ name key-name ] { openssh | ssh2 } [ filename ]
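Added example (not part of the original guide and not vendor code): a Python check that computes the SHA-256 fingerprint of an exported key file, so that the copy imported on a peer can be compared against the file exported here. It assumes the openssh export is the one-line OpenSSH format and the ssh2 export is an RFC 4716 block, and it does not handle ssh1; the sample key is constructed in the script and is not a real key.

```python
import base64, hashlib, struct

def _read_string(buf, off):
    """Read one length-prefixed SSH string; return (value, next offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n

def load_blob(text):
    """Return the raw key blob from one-line OpenSSH or RFC 4716 (SSH2) text."""
    lines = [l.strip() for l in text.strip().splitlines() if l.strip()]
    if not lines[0].startswith("---- BEGIN SSH2 PUBLIC KEY"):
        return base64.b64decode(lines[0].split()[1], validate=True)
    body, in_header = [], False
    for l in lines[1:]:
        if l.startswith("---- END"):
            break
        # Header lines look like "Tag: value"; a trailing backslash continues them.
        if in_header or ":" in l:
            in_header = l.endswith("\\")
            continue
        body.append(l)
    return base64.b64decode("".join(body), validate=True)

def describe(text):
    """Key type, SHA-256 fingerprint and (for RSA) modulus size of an exported key."""
    blob = load_blob(text)
    ktype, off = _read_string(blob, 0)
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    info = {"type": ktype.decode("ascii"), "sha256": "SHA256:" + digest}
    if info["type"] == "ssh-rsa":
        _e, off = _read_string(blob, off)
        n, _ = _read_string(blob, off)
        info["bits"] = int.from_bytes(n, "big").bit_length()
    return info

# Constructed sample input: NOT a real key, only a well-formed ssh-rsa blob.
def _mpint(v):
    raw = v.to_bytes(v.bit_length() // 8 + 1, "big")  # leading zero keeps it positive
    return struct.pack(">I", len(raw)) + raw
_BLOB = struct.pack(">I", 7) + b"ssh-rsa" + _mpint(65537) + _mpint((1 << 2047) | 1)
_B64 = base64.b64encode(_BLOB).decode()
OPENSSH_TEXT = f"ssh-rsa {_B64} constructed-example"
SSH2_TEXT = "\n".join(["---- BEGIN SSH2 PUBLIC KEY ----", 'Comment: "constructed-example"',
                       *[_B64[i:i + 70] for i in range(0, len(_B64), 70)],
                       "---- END SSH2 PUBLIC KEY ----"])

if __name__ == "__main__":
    for label, text in (("openssh", OPENSSH_TEXT), ("ssh2", SSH2_TEXT)):
        print(label, describe(text))
```

Both export formats wrap the same key blob, so the fingerprint is identical whichever format was exported; a mismatch between the exported file and the key on the peer means the file was altered or the wrong key was imported.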
Displaying a host public key
Perform the following tasks in any view:
Task                                Command
Display local RSA public keys.      display public-key local rsa public [ name key-name ]
Display local DSA public keys.      display public-key local dsa public [ name key-name ]
Display local ECDSA public keys.    display public-key local ecdsa public [ name key-name ]
NOTE:
Do not distribute the RSA server public key serverkey (default) to a peer device.
Destroying a local key pair
To avoid key compromise, destroy a local key pair and generate a new pair after any of the following
conditions occurs:
• An intrusion event has occurred.
• The storage media of the device is replaced.
• The local certificate has expired. For more information about the local certificate, see "Configuring PKI."
To destroy a local key pair:
Step Command
1. Enter system view.
system-view
2. Destroy a local key pair.
public-key local destroy { dsa | ecdsa | rsa } [ name key-name ]