Setting the cpu priority for key generation, Generating and deleting a dsa key pair, Generating and deleting an rsa key pair – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 86

Advertising
background image

66

Brocade ICX 6650 Security Configuration Guide

53-1002601-01

SSH2 authentication types

NOTE

If you have generated SSH keys on the switch, you should delete and regenerate it when you upgrade
or downgrade the software version before ssh session.

Setting the CPU priority for key generation

Generating the key is a resource-intensive operation. You can set the priority for this operation to
high so that the device allocates more CPU time for this operation. So you must use this option only
when the device is in the maintenance window. This option reduces the time taken for key
generation.

To set high priority for the key generation operation, enter the following command:

Brocade(config)#crypto-gen priority high

Syntax: crypto key crypto-gen priority default | high

The default keyword sets the priority as default. The key generation task is handled with the regular
priority.

The high keyword sets the high priority for the key generation task. Use this option only when the
device is in the maintenance window.

Generating and deleting a DSA key pair

To generate a DSA key pair, enter the following command.

Brocade(config)# crypto key generate dsa

To delete the DSA host key pair, enter the following command.

Brocade(config)# crypto key zeroize dsa

Syntax: crypto key generate | zeroize dsa

The generate keyword places a host key pair in the flash memory and enables SSH on the device, if
it is not already enabled.

The zeroize keyword deletes the host key pair from the flash memory. This disables SSH if no other
server host keys exist on the device.

The dsa keyword specifies a DSA host key pair. This keyword is optional. If you do not enter it, the
command crypto key generate generates a DSA key pair by default, and the command crypto key
zeroize works as described in

“Deleting DSA and RSA key pairs”

on page 67.

Generating and deleting an RSA key pair

To generate an RSA key pair, enter a command such as the following:

Brocade(config)# crypto key generate rsa modulus 2048

To delete the RSA host key pair, enter the following command.

Brocade(config)# crypto key zeroize rsa

Syntax: crypto key generate | zeroize rsa [modulus modulus-size]

Advertising
Popular Brands
Popular manuals