Displaying or exporting the local host public key

In some applications, such as SSH, to allow your local device to be authenticated by a peer device through digital signature, you must display or export the local host public key, which will then be specified on the peer device.

To display or export the local host public key, choose one of the following methods:

If your local device functions to authenticate the peer device, you must specify the peer public key on the local device. For more information, see "Specifying the peer public key on the local device."

Displaying and recording the host public key information

To display the local public key:

Task

Command

Remarks

Display the local RSA public key.

display public-key local rsa public [ | { begin | exclude | include } regular-expression ]

Available in any view.

Use at least one command.

Display the local ECDSA public key.

display public-key local ecdsa public [ | { begin | exclude | include } regular-expression ]

Display the local DSA host public key.

display public-key local dsa public [ | { begin | exclude | include } regular-expression ]

The display public-key local rsa public command displays both the RSA server and host public keys. Recording the RSA host public key is enough.

After displaying the host public key, record the key information for manual configuration of the key on the peer device.

Displaying the host public key in a specific format and saving it to a file

To display the local host public key in a specific format:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Display the host public key in a specific format.

  • Display the local RSA host public key:

    • In non-FIPS mode:public-key local export rsa { openssh | ssh1 | ssh2 }

    • In FIPS mode:public-key local export rsa { openssh | ssh2 }

  • Display the local DSA host public key:
    public-key local export
    dsa { openssh | ssh2 }

  • Display the local ECDSA host public key:public-key local export ecdsa { openssh | ssh2 }

Use at least one command.

After you display the host public key in a specify format, save the key to a file (by using a method such as copying and-pasting), and transfer this file to the peer device.

Exporting the host public key in a specific format to a file

After you export and save the host public key in a specify format to a file, transfer the file to the peer device.

To export and save the local host public key to a file:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Export the local host public key in a specific format to a file.

  • Export the local RSA host public key:

    • In non-FIPS mode:public-key local export rsa { openssh | ssh1 | ssh2 } filename

    • In FIPS mode:public-key local export rsa { openssh | ssh2 } filename

  • Export the local DSA host public key:
    public-key local export
    dsa { openssh | ssh2 } filename

  • Export the local ECDSA host public key:public-key local export ecdsa { openssh | ssh2 } filename

Use at least one command.