KB.15.15

Specifies the start date and time of the valid period in which the switch can transmit

this key as authentication for outbound packets.

duration < mm/dd/yy [ yy ] hh:mm:ss | seconds >

Specifies the time period during which the switch can use this key to authenticate

outbound packets. Duration is either an end date and time or the number of seconds

to allow after the start date and time ( which is the accept-lifetime setting).

show key-chain chain_name

Displays the detail information about the keys used in the key chain named <

chain_name >.

NOTE: Using time-dependent keys requires that all the switches have accurate, synchronized

time settings. You can manually set the time or use the Time protocol feature included in the switches.

See time protocols in the Management and Configuration Guide for your switch.

Example

Figure 311 Adding time-dependent keys to a key chain entry

NOTE: Given transmission delays and the variations in the time value from switch to switch, it is

advisable to include some flexibility in the Accept lifetime of the keys you configure. Otherwise,

the switch may disregard some packets because either their key has expired while in transport or

there are significant time variations between switches.

To list the result of the commands in Figure 311 (page 425):

Figure 312 Display of time-dependent keys in the key chain entry

Use show key-chain to display the key status at the time the command is issued. Using the information

from the example configuration in Figure 311 (page 425) and Figure 312 (page 425) if you execute

show key-chain at 8:05 on 01/19/03, the display would appear as follows:

Assigning a time-independent key to a chain 425