R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

221

222

223

224

225

226

227

228

229

230

209

Ste

Command

Remarks

2. Import an RSA key pair.

public-key local import rsa

name key-name pem

After you execute the public-key local

import command, copy the private key

of the RSA key pair at the prompt (the

public key is included in the private

key), press Ctrl+C, and then enter the

password used to encrypt the RSA key

pair when the key pair was exported.

You cannot use an imported RSA key

pair as the default RSA key pair.

The RSA key pair to be imported must

be in PEM format.

Specifying the peer public key on the local device

In SSH, to enable the local device to authenticate a peer device, specify the peer public key on the local

device. The device supports up to 20 peer public keys.

For information about displaying or exporting the host public key, see "Displaying or exporting the local

st public key."

To specify the peer public key on the local device:

Method Prere

uisites

Remarks

Import the public key

from a public key file

(recommended)

3. Save the host public key of the intended

asymmetric key pair in a file.

4. Transfer a copy of the file through FTP

or TFTP in binary mode to the local

device.

During the import process, the system

automatically converts the public key to

a string in Public Key Cryptography

Standards (PKCS) format.

Manually configure

the public key

—

input

or copy the key data

• Display and record the public key of the

intended asymmetric key pair.

• If the peer device is an HP device, use the

display public-key local public

command to view and record its public

key. A public key displayed by other

methods for the HP device may not be in

a correct format.

• The recorded public key must be in

the correct format, or the manual

configuration of a

format-incompliant public key will

fail.

• Always use the first method if you

are not sure about the format of the

recorded public key.

To import the host public key from a public key file to the local device:

Ste

Command

1. Enter system view.

system-view

2. Import the host public key from the public key file.

public-key peer keyname import sshkey filename

To manually configure the peer public key on the local device:

Ste

Command

Remarks

1. Enter system view.

system-view N/A