Displaying public keys – H3C Technologies H3C SecPath F1000-E User Manual
Page 341
329
•
Configure it manually—If the peer device is an H3C device, you can use the display public-key
local public command to view and record its public key. On the local host, input or copy the key
data in public key code view. A public key displayed by other methods may not in the PKCS format,
and the system cannot save the format-incompliant key.
NOTE:
The firewall supports up to 20 peer pubic keys.
To import a peer host public key from the public key file:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Import the peer host public key
from the public key file.
public-key peer keyname import
sshkey filename
N/A
To configure a peer public key manually:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Specify a name for a peer
public key and enter public
key view.
public-key peer keyname N/A
3.
Enter public key code view.
public-key-code begin
N/A
4.
Configure the peer server or
host public key.
Enter or copy the key
Spaces and carriage returns are
allowed between characters.
5.
Return to public key view.
public-key-code end
When you exit public key code
view, the system automatically
saves the public key.
6.
Return to system view.
peer-public-key end
N/A
NOTE:
Do not configure a peer RSA server public key for identity authentication in SSH applications.
Authentication in SSH applications uses the RSA host public key. For more information about SSH, see
System Management and Maintenance Configuration Guide.
Displaying public keys
Task Command
Remarks
Display the local public keys
display public-key local { dsa | rsa } public [ |
{ begin | exclude | include }
regular-expression ]
Available in any view
Display the peer public keys.
display public-key peer [ brief | name
publickey-name ] [ | { begin | exclude |
include } regular-expression ]
Available in any view