R3303-HP HSR6800 Routers Security Configuration Guide
210
Ste
p
Command
Remarks
2. Specify a name for the public
key and enter public key view.
public-key peer keyname N/A
3. Enter public key code view.
public-key-code begin N/A
4. Configure the peer public key.
Type or copy the key
Spaces and carriage
returns are allowed
between characters.
5. Return to public key view.
public-key-code end
When you exit public key
code view, the system
automatically saves the
public key.
6. Return to system view.
peer-public-key end
N/A
Displaying public keys
Task Command
Remarks
Display the local public keys
display public-key local { dsa | rsa } public
[ | { begin | exclude | include }
regular-expression ]
Available in any view.
Display the specified or all peer
public keys on the local device.
display public-key peer [ brief | name
publickey-name ] [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Public key configuration examples
Manually specifying the peer public key on the local device
Network requirements
As shown in Figure 76, to prevent illegal access, Router B (the local device) authenticates Router A (the
peer device) through a digital signature. Before configuring authentication parameters on Router B,
configure the public key of Router A on Router B.
• Configure Router B to use the asymmetric key algorithm of RSA to authenticate Router A.
• Manually specify the host public key of Router A's public key pair on Router B.
Figure 76 Network diagram
Configuration procedure
1. Configure Router A:
# Create a local RSA key pair with the default name and the default modulus length of 1024 bits.