No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ecc local-key-pair create

ecc local-key-pair create

Function

The ecc local-key-pair create command generates a local Elliptic Curves Cryptography (ECC) host key pair.

By default, no local ECC host key pair exists in the system.

Format

ecc local-key-pair create

Parameters

None

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

A local key pair is a prerequisite to a successful SSH login. Compared with the RSA algorithm used by the rsa local-key-pair create command, the ECC algorithm shortens the key length, accelerates the encryption, and improves the security. The length of the server key pair and the host key pair can be 256 bits, 384 bits and 521 bits. By default, the length of the key pair is 521 bits.

Follow-up Procedure

Perform other SSH configurations.

Precautions

  • The generated ECC host key pair is named in the format of wireless access controller name_Host_ECC, such as AC6605_Host_ECC.

  • The ecc local-key-pair create and ecc local-key-pair destroy commands are not saved in the configuration file. They only need to be run once and take effect even after the wireless access controller restarts.

  • Do not delete the ECC key file from the wireless access controller. If the ECC key file is deleted, the ECC key pair cannot be restored after the wireless access controller is restarted.

Example

# Generate a local ECC host key pair.

<AC6605> system-view
[AC6605] ecc local-key-pair create
Info: The key name will be: AC6605_Host_ECC.
Info: The ECC host key named AC6605_Host_ECC already exists.
Warning: Do you want to replace it ? [Y/N]: Y
Info: The key modulus can be any one of the following : 256, 384, 521.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=521]:521
Info: Generating keys...
Info: Succeeded in creating the ECC host keys.

# Enter an incorrect key length and re-enters the key length for a maximum number of retry attempts.

<AC6605> system-view
[AC6605] ecc local-key-pair create
Info: The key name will be: AC6605_Host_ECC.
Info: The ECC host key named AC6605_Host_ECC already exists.
Warning: Do you want to replace it ?[Y/N]: Y
Info: The key modulus can be any one of the following : 256, 384, 521.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=521]:123
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:1024
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:512
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:2048
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:4096
Error: Invalid ECC key modulus.
Error: The maximum number of retries has reached, and the command has already been canceled.
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3198454

Downloads: 595

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :