Network requirements, Configuration procedure – H3C Technologies H3C S5120 Series Switches User Manual

1-7

4AD597D0FB3AA9F7202C507072B19C3C50A0D7AD3994E14ABC62DB125035EA326470034DC078B2BAA3BC3BCA

80AAB5EE01986BD1EF64B42F17CCAE4A77F1EF999B2BF9C4A10203010001

Importing the Public Key of a Peer from a Public Key File

Network requirements

As shown in

Figure 1-3

, to prevent illegal access, Device B authenticates Device A through digital

signature. Before configuring authentication parameters on Device B, configure the public key of Device

A on Device B. More specifically,

z

Configure Device B to use the asymmetric key algorithm of RSA for identity authentication of

Device A.

z

Import the host public key of Device A from the public key file to Device B.

Figure 1-3 Network diagram for importing the public key of a peer from a public key file

Configuration procedure

1) Create key pairs on Device A and export the host public key

# Create RSA key pairs on Device A.

<DeviceA> system-view

[DeviceA] public-key local create rsa

The range of public key size is (512 ~ 2048).

NOTES: If the key modulus is greater than 512,

It will take a few minutes.

Press CTRL+C to abort.

Input the bits of the modulus[default = 1024]:

Generating Keys...

++++++

++++++

++++++++

++++++++

# Display the public keys of the created RSA key pairs.

[DeviceA] display public-key local rsa public

=====================================================

Time of Key pair created: 09:50:06 2007/08/07

Key name: HOST_KEY

Key type: RSA Encryption Key

=====================================================

Key code:

30819F300D06092A864886F70D010101050003818D0030818902818100D90003FA95F5A44A2A2CD3F814F985

4C4421B57CAC64CFFE4782A87B0360B600497D87162D1F398E6E5E51E5E353B3A9AB16C9E766BD995C669A78