Allied Telesis AT-S63 User Manual

Chapter 28: Encryption Key Commands

380

server key is 768 bits and the recommended length for the host
key is 1024 bits.

The DESCRIPTION parameter is optional. You can use it to add a
description to the key. This can help you identify the different keys on
the switch. The description can be up to forty alphanumeric characters. It
must be enclosed in quotes and spaces are allowed.

Syntax 1 Examples

This example creates a key with the ID of 12 and a length of 512 bits:

create enco key=12 type=rsa length=512

This example creates a key with the ID of 4, a length of 1024 bits, and a
description of “Switch12a encryption key.”:

create enco key=4 type=rsa length=1024 description="Switch12a
encryption key"

Syntax 2 Description

Syntax 2 is used to import and export public encryption keys. You can
import a public key from the AT-S63 file system to the key database or
vice versa.

The only circumstance in which you are likely to use this command is if
you are using an SSH client that does not download the key
automatically when you start an SSH management session. In that
situation, you can use this procedure to export the SSH client key from
the key database into the AT-S63 file system, from where you can
download it onto the SSH management session for incorporation in your
SSH client software.

You should not use this command to export an SSL public key. Typically,
an SSL public key only has value when incorporated into a certificate or
enrollment request.

The KEY parameter specifies the identification number for the key. The
range is 0 to 65,535. If you are importing a public key from the file system
to the key database, the key ID that you select must be unused; it cannot
already be assigned to another key pair. Importing a public key to the
database assumes that you have already stored the public key in the file
system. To download files into the file system, refer to “LOAD” on page
154.