No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


AR500, AR510, and AR530 V200R007 Commands Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ecc local-key-pair

ecc local-key-pair


The ecc local-key-pair create command generates a local ECC host key pair.

The ecc local-key-pair destroy command deletes the local ECC key.

By default, no local ECC host key pair exists in the system.


ecc local-key-pair create

ecc local-key-pair destroy




System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

A local key pair is a prerequisite to a successful SSH login. Compared with the RSA algorithm used by the rsa local-key-pair create command, the ECC algorithm shortens the key length, accelerates the encryption, and improves the security.The length of the server key pair can be 256 bits, 384 bits and 521 bits. By default, the length of the key pair is 256 bits.

If you no longer need the local ECC key pairs, run the ecc local-key-pair destroy command to delete them.

Configuration Impact

The ecc local-key-pair destroy command deletes the local ECC host key pair, from the files on the master and slave main control boards. Exercise caution when you run this command.

  • The generated ECC host key pair is named in the format of the Router name_Host_ECC, such as HUAWEI_Host_ECC.

  • The ecc local-key-pair create and ecc local-key-pair destroy commands are not saved in the configuration file. They only need to be run once and take effect even after the Router restarts.

  • Do not delete the ECC key file from the Router . If the ECC key file is deleted, the ECC key pair cannot be restored after the Router is restarted.


# Generate a local ECC host key pair

<Huawei> system-view
[Huawei] ecc local-key-pair create
Info: The key name will be: HUAWEI_Host_ECC.
Info: The ECC host key named HUAWEI_Host_ECC already exists.
Warning: Do you want to replace it ? [Y/N]: Y
Info: The key modulus can be any one of the following : 256, 384, 521.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=256]:256
Info: Generating keys...
Info: Succeeded in creating the ECC host keys.

# Delete the local ECC host key pair.

<Huawei> system-view
[Huawei] ecc local-key-pair destroy
Info: The name of the key which will be destroyed is HUAWEI_Host_ECC.
Warning: These keys will be destroyed. Continue? [Y/N]:Y
Info: Succeeded in destroying the ECC host keys.
Updated: 2019-05-29

Document ID: EDOC1000097293

Views: 135740

Downloads: 148

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Previous Next