Manualshelf

Access Security Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5412R zl2 Switch
421422423424425426427428429430
Generates or deletes a key in the key chain entry < chain_name > . Using the
optional no form of the command deletes the key. The < key_id > is any number
from 0-255.
[key-string key_str ]
This option lets you specify the key value for the protocol using the key. The <
key_str >can be any string of up to 14 characters in length.
[accept-lifetime infinite] [send-lifetime infinite]
accept-lifetime infinite:Allows packets with this key to be accepted at
any time from boot-up until the key is removed.
send-lifetime infinite: Allows the switch to send this key as authorization,
from boot-up until the key is removed.
show key-chain chain_name
Displays the detail information about the keys used in the key chain named
chain_name .
Example
To generate a new time-independent key for the HP switch key chain entry:
Figure 310 Adding and displaying a time-independent key to a key chain entry
Assigning time-dependent keys to a chain
A time-dependent key has Accept or Send time constraints. It is valid only during the times that are
defined for the key . If a time-dependent key is used, there is usually more than one key in the key
chain entry.
Syntax:
[no] key-chain chain_name key key_id
Generates or deletes a key in the key chain entry chain_name . Using the optional
no form of the command deletes the key. The key_id is any number from 0-255.
[key-string key_str ]
This option specifies the key value referenced by the protocol using the key. The <
key_str >can be any string up to 14 characters in length.
accept-lifetime < mm/dd/yy [ yy ] hh:mm:ss | now >
Specifies the start date and time of the valid period in which the switch can use this
key to authenticate inbound packets.
duration < mm/dd/yy [ yy ] hh:mm:ss | seconds >
Specifies the time period during which the switch can use this key to authenticate
inbound packets. Duration is either an end date and time or the number of seconds
to allow after the start date and time ( which is the accept-lifetime setting).
send-lifetime < mm/dd/yy [ yy ] hh:mm:ss | now >
424 Key Management System