key-id

Function

The key-id command creates a new set of key-ids or displays the key-id view.

The undo key-id command deletes the key-id configuration.

By default, no key-id is configured.

Format

key-id key-id

undo key-id key-id

Parameters

Parameter	Description	Value
key-id	Specifies the key identification number of a keychain.	The integer value ranges from 0 to 63.

Views

Keychain view

Default Level

2: Configuration Level

Usage Guidelines

Usage Scenario

In keychain authentication mode, secure protocol packet transmission is provided by changing the authentication algorithm and key string dynamically. This can reduce the workload of manually changing the algorithm and key.

The dynamic change of the keychain authentication algorithm is implemented based on the keys. Each keychain consists of multiple keys that are valid within different time periods and each key is configured with an authentication algorithm. When a key becomes valid, the corresponding authentication algorithm is used.

Follow-up Procedure

After key-id is specified, perform the following operations:

Run the algorithm command to configure an algorithm used by the key.
Run the key-string command to specify a key string.
Run the send-time command to specify the send time of the key.
Run the receive-time command to specify the receive time of the key.

Precautions

A key-id represents a key on the device.

A keychain supports 64 keys, but only one key takes effect during one period.

No active key can be used to authenticate and encrypt protocol packets at the intervals of keys. Therefore, run the default send-key-id command to specify a default key.

The time mode of the key must be the same as the time mode of Keychain.

Example

# Configure key-id 1.

<HUAWEI> system-view
[HUAWEI] keychain huawei mode absolute 
[HUAWEI-keychain-huawei] key-id 1
[HUAWEI-keychain-huawei-keyid-1]