R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
111
Public key configuration task list
The configuration tasks enable you to manage the local asymmetric key pairs, and configure the peer
host public keys on the local device. By completing these tasks, your host is ready to work with
applications such as SSH and SSL to implement data encryption/decryption, or digital signature.
Complete these tasks to configure public keys:
Task Remarks
Configuring a local
asymmetric key pair on the
local device
Creating a local asymmetric key pair Required
Displaying or exporting the local host public key Optional
Destroying a local asymmetric key pair Optional
Specifying the peer public key on the local device Optional
Configuring a local asymmetric key pair on the
local device
Creating a local asymmetric key pair
Configuration guidelines
When you create an asymmetric key pair on the local device, follow these guidelines:
• Create an asymmetric key pair of the proper type to work with a target application.
• After you enter the command, specify a proper modulus length for the key pair. The following table
describes the RSA key pairs.
Table 34 RSA key pairs
T
yp
e Number of ke
y
p
airs
Modulus len
g
th
Remarks
RSA
Two key pairs, one server key pair and one
host key par. Each key pair comprises a
public key and a private key
512 to 2048 bits
1024 by default
To achieve high
security, specify at least
768 bits.
IMPORTANT:
Only SSH1.5 uses the RSA server key pair.
Configuration procedure
Follow these steps to create a local asymmetric key pair:
To do… Use the command…
Remarks
Enter system view system-view —
Create a local asymmetric
key pair
public-key local create rsa
Required
By default, no asymmetric key pair is created.