Operation Manual – SSH
H3C S3610&S5510 Series Ethernet Switches
Chapter 1 SSH Configuration
1-7
1.2.4 Configuring RSA Keys
I. Creating the RSA key pair
For successful SSH login, you must create the RSA key pair first.
Follow these steps to create an RSA key pair:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create the local
RSA key pair
public-key local
create rsa
Required
By default, there is no RSA key pair.
Caution:
z
Configuration of the
rsa local-key-pair create
command can survive a reboot. You
only need to configure it once.
z
The length of an RSA server/host key is in the range 512 to 2048 bits. With SSH2,
however, some clients require that the keys generated by the server must not be
less than 768 bits.
II. Exporting the RSA key pair
You can display or export the local RSA host key for setting the host key on the remote
end.
Follow these steps to display or export an RSA host key:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Display the local RSA host key on
the screen in a specified format, or
export it to a specified file
public-key local export
rsa
{
openssh
|
ssh1
|
ssh2
} [
filename
]
Required
III. Destroying the RSA key pair
Follow these steps to destroy an RSA key pair:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Destroy the local RSA key pair
public-key local destroy
rsa
Required