R2511-HP MSR Router Series Security Configuration Guide(V5)
281
[DeviceB] public-key peer devicea import sshkey devicea.pub
# Display the host public key of Device A on Device B.
[DeviceB] display public-key peer name devicea
=====================================
Key Name : devicea
Key Type : RSA
Key Module: 1024
=====================================
Key Code:
30819F300D06092A864886F70D010101050003818D0030818902818100D90003FA95F5A44A2A2CD3F
814F
9854C4421B57CAC64CFFE4782A87B0360B600497D87162D1F398E6E5E51E5E353B3A9AB16C9E766BD
995C
669A784AD597D0FB3AA9F7202C507072B19C3C50A0D7AD3994E14ABC62DB125035EA326470034DC07
8B2B
AA3BC3BCA80AAB5EE01986BD1EF64B42F17CCAE4A77F1EF999B2BF9C4A10203010001
The output shows that the host public key of Device A saved on Device B is consistent with the one
created on Device A.
Exporting and importing an RSA key pair
Network requirements
Create and export an RSA key pair on Device A, and then import the key pair to Device B.
Figure 77 Network diagram
Configuration procedure
1. Configure Device A:
# Create a local RSA key pair named rsa1 with the default modulus length of 1024 bits.
<DeviceA> system-view
[DeviceA] public-key local create rsa name rsa1
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++
+++++++
+++++++++
+++
# Export the RSA key pair rsa1 by using the encryption algorithm 3DES CBC and password
12345678.
[DeviceA] public-key local export rsa name rsa1 pem 3des-cbc-128 12345678