The ecc peer-public-key command creates an Elliptic Curve Cryptography (ECC) public key and enters the ECC public key view.
The undo ecc peer-public-key command deletes an ECC public key.
By default, no ECC public key is created.
ecc peer-public-key key-name encoding-type { der | pem | openssh }
undo ecc peer-public-key key-name
Parameter | Description | Value |
---|---|---|
key-name | Specifies an ECC public key name. | The value is a string of 1 to 30 case-sensitive characters, spaces not supported. |
encoding-type | Indicates the encoding type of an ECC public key. | - |
der | Specifies DER as the encoding type of an ECC public key. If DER is specified, data is encoded in hexadecimal notation. | - |
pem | Specifies PEM as the encoding type of an ECC public key. If PEM is specified, data is Base64 encoded. | - |
openssh | Specifies OpenSSH as the encoding type of an ECC public key. If OpenSSH is specified, data is Base64 encoded. OpenSSH is derived from PEM. | - |
Usage Scenario
When ECC public key authentication is used, a client's public key must be specified on the server for an SSH user. When the client logs in to the server, the server performs authentication on the client based on the public key of the SSH user.
After an ECC public key is created and the ECC public key view is displayed, run the public-key-code begin command. You can then manually copy the client's public key to the server.
The client's public key is randomly generated by the client software.
If an ECC public key has been assigned to an SSH client, delete the binding between the public key and the SSH client before deleting the ECC public key. Otherwise, the undo dsa peer-public-key command will fail to delete the ECC public key.
Follow-up Procedure
Precautions
A maximum of 20 ECC public keys can be created.
The peer public key supports only PKCS#1. Other PKCS versions are not supported.
# Create an ECC public key and enter the ECC public key view.
<HUAWEI> system-view
[HUAWEI] ecc peer-public-key ecc-peer-key encoding-type pem
Info: Enter "ECC public key" view, return system view with "peer-public-key end".
[HUAWEI-ecc-public-key] public-key-code begin
Info: Enter "ECC key code" view, return the last view with "public-key-code end".
[HUAWEI-ecc-key-code] ---- BEGIN SSH2 PUBLIC KEY ----
[HUAWEI-ecc-key-code] AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACDBL5J4v3pqi5S
[HUAWEI-ecc-key-code] ALI9lvLw4cdvtpD2AC6sEJXg9GDCD5vGBnkXlKmnOy6d1TyrXx57ZPNnrSdqVkHC
[HUAWEI-ecc-key-code] sMBa63vSwg1XsVW2qZgx8H57+FJiTPY61b1Vfst9GUif1ymfpB7XrbdYZDownoh0
[HUAWEI-ecc-key-code] FZNadZtIf2CRc0OeiKXbCSPP25dfoT/DTcc=
[HUAWEI-ecc-key-code] ---- END SSH2 PUBLIC KEY ----
[HUAWEI-ecc-key-code] public-key-code end
[HUAWEI-ecc-public-key] peer-public-key end
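Before a client key is pasted into the ECC key code view, it helps to confirm that the block is a well-formed ECDSA key and to compare its fingerprint with the one shown on the client. The Python below is an added example, not Huawei code: it parses an SSH2-format block like the one entered above, checks the key type, curve name and point length against each other, and returns the SHA256 fingerprint. All function names and the sample key are constructed for illustration.

```python
import base64, hashlib, struct

# Uncompressed EC point length per curve: 1 + 2 * field size in bytes (RFC 5656)
POINT_LEN = {"nistp256": 65, "nistp384": 97, "nistp521": 133}
BEGIN, END = "---- BEGIN SSH2 PUBLIC KEY ----", "---- END SSH2 PUBLIC KEY ----"

def wire(data):
    """Encode one SSH wire-format string: 4-byte big-endian length + data."""
    return struct.pack(">I", len(data)) + data

def read_string(blob, off):
    """Decode one SSH wire-format string, rejecting truncated input."""
    if off + 4 > len(blob):
        raise ValueError("truncated length field")
    end = off + 4 + struct.unpack(">I", blob[off:off + 4])[0]
    if end > len(blob):
        raise ValueError("truncated string")
    return blob[off + 4:end], end

def inspect_ssh2_ecc_key(text):
    """Validate an RFC 4716 ECDSA key; return (key_type, curve, fingerprint)."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing SSH2 begin/end markers")
    # Skip single-line headers such as 'Comment: ...' (Base64 never contains ':')
    body = "".join(ln for ln in lines[1:-1] if ":" not in ln)
    blob = base64.b64decode(body, validate=True)
    key_type, off = read_string(blob, 0)
    curve, off = read_string(blob, off)
    point, off = read_string(blob, off)
    if off != len(blob):
        raise ValueError("trailing bytes after the key")
    key_type, curve = key_type.decode("ascii"), curve.decode("ascii")
    if key_type != "ecdsa-sha2-" + curve:
        raise ValueError("key type and curve name disagree")
    if len(point) != POINT_LEN.get(curve, -1) or point[0] != 4:
        raise ValueError("not an uncompressed point for the named curve")
    digest = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return key_type, curve, "SHA256:" + digest  # same form as `ssh-keygen -l`

def constructed_sample(curve="nistp256", type_curve=None):
    """Constructed input: valid structure, dummy bytes instead of a real point."""
    point = b"\x04" + bytes(range(POINT_LEN[curve] - 1))
    name = b"ecdsa-sha2-" + (type_curve or curve).encode()
    b64 = base64.b64encode(wire(name) + wire(curve.encode()) + wire(point)).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([BEGIN, 'Comment: "constructed sample"', *rows, END])

if __name__ == "__main__":
    print(inspect_ssh2_ecc_key(constructed_sample("nistp521")))
```

The check covers structure only; it does not test that the point lies on the curve, so the fingerprint comparison with the client remains the step that ties the key to its owner.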
# Delete an ECC public key.
<HUAWEI> system-view
[HUAWEI] undo ecc peer-public-key ecc-peer-key
Warning: The public key named ecc-peer-key will be deleted. Continue? [Y/N]:Y