No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fit AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
rsa peer-public-key

rsa peer-public-key

Function

The rsa peer-public-key command displays the view of the RSA public key, and specifies an RSA public key name.

The undo rsa peer-public-key command deletes a rsa public key.

By default, no public key is configured.

Format

rsa peer-public-key key-name [ encoding-type { der | openssh | pem } ]

undo rsa peer-public-key key-name

Parameters

Parameter Description Value
key-name Specifies the rsa public key name. The value is a string of 1 to 30 case-insensitive characters without spaces.
encoding-type Specifies an encoding format for an RSA public key. -
der

Specifies the DER format for an RSA public key.

DER encodes data in hexadecimal format.

-
openssh

Specifies the OpenSSH format for an RSA public key.

OpenSSH encodes data in base-64 format.

OpenSSH is an encoding format based on PEM.

-
pem

Specifies the PEM format for an RSA public key.

PEM encodes data in base-64 format.

-

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

When you use an RSA public key for authentication, you must specify the public key of the corresponding client for an SSH user on the server. When the client logs in to the server, the server uses the specified public key to authenticate the client. You can also save the public key generated on the server to the client. Then the client can be successfully authenticated by the server when it logs in to the server for the first time.

Huawei data communications devices support only the DER format for RSA keys. If you use an RSA key in non-DER format, use a third-party tool to convert the key into a key in DER format.

Because a third-party tool is not released with Huawei system software, RSA usability is unsatisfactory. In addition to DER, RSA keys need to support the privacy-enhanced mail (PEM) and OpenSSH formats to improve RSA usability.

Third-party software, such as SecureCRT, PuTTY, OpenSSH, and OpenSSL, can be used to generate RSA keys in different formats. The details are as follows:
  • The SecureCRT and PuTTY generate RSA keys in PEM format.
  • The OpenSSH generates RSA keys in OpenSSH format.
  • The OpenSSL generates RSA keys in DER format.

OpenSSL is an open source software. You can download related documents at http://www.openssl.org/.

After you configure an encoding format for an RSA public key, Huawei data communications device automatically generates an RSA public key in the configured encoding format and enters the RSA public key view. Then you can run the public-key-code begin command and manually copy the RSA public key generated on the peer device to the local device.

Prerequisite

The rsa public key in hexadecimal notation on the remote host has been obtained and recorded.

Follow-up Procedure

After you copy the RSA public key generated on the peer device to the local device, perform the following operations to exit the RSA public key view:
  1. Run the public-key-code end command to return to the RSA public key view.
  2. Run the peer-public-key end command to exit the RSA public key view and return to the system view.

Precautions

If an RSA public key has assigned to an SSH client, release the binding relationship between the public key and the SSH client. If you do not release the binding relationship between them, the undo rsa peer-public-key command will fail to delete the RSA public key.

Example

# Display the rsa public key view.

<Huawei> system-view
[Huawei] rsa peer-public-key rsakey001
[Huawei-rsa-public-key]
# Configure an encoding format for an RSA public key and enter the RSA public key view.
<Huawei> system-view
[Huawei] rsa peer-public-key RsaKey001 encoding-type openssh
[Huawei-rsa-public-key]
Translation
Download
Updated: 2019-07-18

Document ID: EDOC1100064353

Views: 128223

Downloads: 99

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next