12
file names, see
Fundamentals Configuration Guide
. If you do not specify a file name, this command
displays the key on the monitor screen.
Usage guidelines
You can use this command to export a local DSA host public key before distributing it to a peer
device.
To distribute a local DSA host public key to a peer device:
1.
Save the exported local host public key to a file by using one of the following methods:
Use the
public-key local export dsa
[
name
key-name
]
{
openssh
|
ssh2
}
command to export the local host public key, and then copy and paste the key to a file.
Use the
public-key local export dsa
[
name
key-name
]
{
openssh
|
ssh2
}
filename
command to export the key to a file. You cannot export the key to the folder
pkey
or its subfolders.
2.
Transfer a copy of the file to the peer device, for example, by using FTP in binary mode or TFTP.
For more information about FTP and TFTP, see
Fundamentals Configuration Guide
.
3.
On the peer device, use the
public-key peer import
sshkey
command to import the
host public key from the file.
SSH 2.0 and OpenSSH are different public key formats. Choose the correct format that is supported
on the device where you import the host public key.
Examples
# Export the host public key of the local DSA key pair with the default name in OpenSSH format to a
file named
key.pub
.
<Sysname> system-view
[Sysname] public-key local export dsa openssh key.pub
# Display the host public key of the local DSA key pair with the default name in SSH 2.0 format.
<Sysname> system-view
[Sysname] public-key local export dsa ssh2
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "dsa-key-2011/05/12"
AAAAB3NzaC1kc3MAAACBANdXJixFhMRMIR8YvZbl8GHE8KQj9/5ra4WzTO9yzhCM7OZb5sJlhUiJ3
B7b0T7IsnTan3W6Jsy5kiuoRCHyLDyJy5sG/WD+axKJPadu68HRKNl/BnjXcitTQchQbz
WCFLFqL6xLNolQOHgRx9ozAAAAFQDHcyGMc37I7pk7Ty3tMPSO2s6RXwAAAIEAgiaQCeFOxHS68pMuadOx8YU
XrZWUGEzN/OrpbsTV75MTPoS0cJPFKyDNNdAkkrOVnsZJliW8T6UILiLFs3ThbdABMs5xsCAhcJGscXthI5HH
bB+y6IMXwb2BcdQey4PiEMA8ybMugQVhwhYhxz1tqsAo9LFYXaf0JRlxjMmwnu8AAACAQZEs400SvNIVfnqxw
vA7PvOVEA89tKni/f6GDBvWY9Z2Q499pAqUBtYcqQea8T4zBInxx2eF3lLaZJrIvAS205zXxSzQoU9190kakd
MdasIjQLWYGyepFc3sTwmIflQeweUwLVAPaOesKe4maYWlAvySGT4c9NJlxLo=
---- END SSH2 PUBLIC KEY ----
# Display the host public key of the local DSA key pair with the default name in OpenSSH format.
<Sysname> system-view
[Sysname] public-key local export dsa openssh
ssh-dss
AAAAB3NzaC1kc3MAAACBANdXJixFhMRMIR8YvZbl8GHE8KQj9/5ra4WzTO9yzhCM7OZb5sJlhUiJ3
B7b0T7IsnTan3W6Jsy5kiuoRCHyLDyJy5sG/WD+axKJPadu68HRKNl/BnjXcitTQchQbz
WCFLFqL6xLNolQOHgRx9ozAAAAFQDHcyGMc37I7pk7Ty3tMPSO2s6RXwAAAIEAgiaQCeFOxHS68pMuadOx8YU
XrZWUGEzN/OrpbsTV75MTPoS0cJPFKyDNNdAkkrOVnsZJliW8T6UILiLFs3ThbdABMs5xsCAhcJGscXthI5HH
bB+y6IMXwb2BcdQey4PiEMA8ybMugQVhwhYhxz1tqsAo9LFYXaf0JRlxjMmwnu8AAACAQZEs400SvNIVfnqxw
vA7PvOVEA89tKni/f6GDBvWY9Z2Q499pAqUBtYcqQea8T4zBInxx2eF3lLaZJrIvAS205zXxSzQoU9190kakd
MdasIjQLWYGyepFc3sTwmIflQeweUwLVAPaOesKe4maYWlAvySGT4c9NJlxLo= dsa-key
# Export the host public key of the local DSA key pair
dsa1
in OpenSSH format to the file
dsa1.pub
.
<Sysname> system-view
Summary of Contents for SOHO IE4300
Page 285: ...i Contents Tcl commands 1 cli 1 tclquit 1 tclsh 2...
Page 288: ...i Contents Python commands 1 exit 1 python 1 python filename 2...
Page 291: ...i Contents Automatic configuration commands 1 autodeploy udisk enable 1...
Page 323: ...25 Sysname Ten GigabitEthernet1 0 51 undo shutdown Related commands irf port...
Page 465: ...ii stp vlan enable 55 vlan mapping modulo 55...
Page 602: ...12 Related commands display mvrp statistics...
Page 609: ...i Contents VLAN mapping commands 1 display vlan mapping 1 vlan mapping 2...
Page 678: ...9 Related commands reset pppoe relay statistics...
Page 846: ...i Contents Basic IP forwarding commands 1 display fib 1 ip forwarding table save 2...
Page 1770: ...i Contents Time range commands 1 display time range 1 time range 1...
Page 2026: ...34 Related commands display mac authentication...
Page 2028: ...ii...
Page 2143: ...i Contents User profile commands 1 display user profile 1 user profile 2...
Page 2308: ...61 ipsec transform set...
Page 2531: ...i Contents SAVI commands 1 ipv6 savi down delay 1 ipv6 savi log enable 1 ipv6 savi strict 2...
Page 2534: ...3 Sysname ipv6 savi strict Related commands ipv6 verify source...
Page 2791: ...14 Sysname track 1 Related commands delay display track...
Page 2939: ...9 sntp authentication keyid sntp reliable authentication keyid...
Page 2967: ...27 Related commands apply poe profile poe enable poe max power interface view poe priority...