public-key local create

Syntax

public-key local create { dsa | rsa }

View

System view

Default level

2: System level

Parameters

dsa: Specifies a DSA key pair.

rsa: Specifies an RSA key pair.

Description

Use public-key local create to create local asymmetric key pairs. The created local key pairs are saved automatically, and can survive a reboot.

By default, no asymmetric key pairs exist.

The name of a key pair must be unique among all manually named key pairs that use the same key algorithm. If a name conflict occurs, the system asks whether you want to overwrite the existing key pair.

After you execute the command, specify an appropriate modulus length for the key pair.

In non-FIPS mode, Hewlett Packard Enterprise recommends that you set the RSA or DSA key modulus length to at least 768 bits.

Table 34 compares the three types of key pairs.

Table 34: A comparison between different types of asymmetric key pairs

Type: RSA

Number of key pairs:

  • In non-FIPS mode, the command creates one server key pair and one host key pair.

  • In FIPS mode, the command creates a host key pair.

Modulus length:

  • In non-FIPS mode: 512 to 2048 bits and defaults to 1024 bits.

  • In FIPS mode: 2048 bits.

Type: DSA

Number of key pairs:

  • The command only creates one host key pair.

Modulus length:

  • In non-FIPS mode: 512 to 2048 bits and defaults to 1024 bits.

  • In FIPS mode: 1024 to 2048 bits and defaults to 1024 bits.


IMPORTANT:

  • Only SSH1.5 uses the RSA server key pair.

Related commands: public-key local destroy and display public-key local public.

Examples

# Create local RSA key pairs.

<Sysname> system-view
[Sysname] public-key local create rsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++
+++++++
+++++++++
+++

# Create a local DSA key pair.

<Sysname> system-view
[Sysname] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++.++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
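
# Audit the modulus length of a created key pair (added example, not part of the original command reference).

The following Python sketch reads a host public key and classifies its modulus length against the limits in Table 34 and the 768-bit non-FIPS recommendation. It assumes the public key is available in OpenSSH one-line format (for example, as recorded by an SSH client); the function names are hypothetical, and the sample lines are constructed integers of the right size, not usable keys.

```python
import base64

# Modulus-length limits from Table 34: (kind, FIPS mode) -> (min, max) bits.
LIMITS = {("rsa", False): (512, 2048), ("rsa", True): (2048, 2048),
          ("dsa", False): (512, 2048), ("dsa", True): (1024, 2048)}
ALGORITHMS = {"ssh-rsa": "rsa", "ssh-dss": "dsa"}

def _fields(blob):
    """Split an SSH key blob into its 4-byte-length-prefixed fields."""
    out, pos = [], 0
    while pos < len(blob):
        size = int.from_bytes(blob[pos:pos + 4], "big")
        # Also catches a truncated length prefix, since pos + 4 > len(blob).
        if pos + 4 + size > len(blob):
            raise ValueError("truncated field")
        out.append(blob[pos + 4:pos + 4 + size])
        pos += 4 + size
    return out

def modulus_bits(line):
    """Return (kind, modulus bits) for one OpenSSH-format public-key line."""
    name, b64 = line.split()[:2]
    fields = _fields(base64.b64decode(b64, validate=True))
    if name not in ALGORITHMS or len(fields) < 3 or fields[0] != name.encode():
        raise ValueError("unsupported or inconsistent key type")
    # ssh-rsa blob: name, e, n.  ssh-dss blob: name, p, q, g, y.
    value = fields[2] if name == "ssh-rsa" else fields[1]
    return ALGORITHMS[name], int.from_bytes(value, "big").bit_length()

def check(line, fips=False, recommended_min=768):
    """Classify a key against Table 34 and the 768-bit non-FIPS advice."""
    kind, bits = modulus_bits(line)
    low, high = LIMITS[(kind, fips)]
    if not low <= bits <= high:
        return kind, bits, "out of range"
    if not fips and bits < recommended_min:
        return kind, bits, "below recommended"
    return kind, bits, "ok"

def constructed_line(name, *ints):
    """Build a CONSTRUCTED test line; the integers are not a usable key."""
    blob = len(name).to_bytes(4, "big") + name.encode()
    for n in ints:
        # The extra byte keeps the top bit clear, as SSH mpint encoding needs.
        raw = n.to_bytes(n.bit_length() // 8 + 1, "big")
        blob += len(raw).to_bytes(4, "big") + raw
    return name + " " + base64.b64encode(blob).decode()

RSA_1024 = constructed_line("ssh-rsa", 65537, (1 << 1023) | 1)
DSA_512 = constructed_line("ssh-dss", (1 << 511) | 1, (1 << 159) | 1, 2, 3)
```

A key created with the default 1024-bit modulus passes the non-FIPS check but is reported as out of range for RSA in FIPS mode, which accepts 2048 bits only.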