security-key

Function

The security-key command sets an encrypted password for an E-Trunk.

The undo security-key command restores the default password of an E-Trunk.

By default, the password in plain text is 00E0FC0000000000.

Only the S5720-EI, S5720-HI, S5720I-SI, S5720S-SI, S5720-SI, S5735-S, S5735S-S, S5735-S-I, S5730-HI, S5730S-EI, S5730-SI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720-LI, S6720S-EI, S6720S-LI, S6720S-SI, S6720-SI, S6730-H, S6730S-H, S6730-S, and S6730S-S support this command.

Format

security-key { simple simple-key | cipher cipher-key }

undo security-key

Parameters

Parameter	Description	Value
simple simple-key	Indicates the password in plain text.	The value is a string of 1 to 255 case-sensitive characters without spaces and question mask (?). The default value is 00E0FC0000000000. When double quotation marks are used around the string, spaces are allowed in the string.
cipher cipher-key	Indicates the password in cipher text.	The value is a case-sensitive character string without spaces and question mask (?). When double quotation marks are used around the string, spaces are allowed in the string. When the cipher text is used, the password can be entered in plain or cipher text. The length depends on the input mode: The password in plain text is a string of 1 to 255 characters, but the cipher-text password of 32 to 392 characters is displayed during query. The password in plain text is a string of 24 or 32 to 392 characters. NOTE: It is recommended that the password in plain text be used. If the password in cipher text is used, the password must comply with the encryption algorithm. If the cipher-text password of 24 characters is supported before upgrade, the password is compatible during upgrade.

Parameter

Description

Value

simple simple-key

Indicates the password in plain text.

The value is a string of 1 to 255 case-sensitive characters without spaces and question mask (?). The default value is 00E0FC0000000000.

When double quotation marks are used around the string, spaces are allowed in the string.

cipher cipher-key

Indicates the password in cipher text.

The value is a case-sensitive character string without spaces and question mask (?).

When double quotation marks are used around the string, spaces are allowed in the string.

When the cipher text is used, the password can be entered in plain or cipher text. The length depends on the input mode:

The password in plain text is a string of 1 to 255 characters, but the cipher-text password of 32 to 392 characters is displayed during query.
The password in plain text is a string of 24 or 32 to 392 characters.

NOTE:

It is recommended that the password in plain text be used. If the password in cipher text is used, the password must comply with the encryption algorithm.
If the cipher-text password of 24 characters is supported before upgrade, the password is compatible during upgrade.

Views

E-Trunk view

Default Level

2: Configuration level

Usage Guidelines

If simple is specified, the password is saved in the configuration file in plain text. This brings security risks. Therefore, it is recommended that you specify cipher to save the password in cipher text.

You can encrypt the password with the plain text or cipher text.

When the password is encrypted in plain text, it can be displayed in the configuration file.
When the password is encrypted in cipher text, it is displayed as unidentifiable characters.

An encrypted password can be configured to enhance the system security. The encrypted passwords configured on the two devices of an E-Trunk must be the same.

Example

# Set the password of E-Trunk 1 to 00E0FC000000 and encrypt the password in cipher mode.

<HUAWEI> system-view
[HUAWEI] e-trunk 1
[HUAWEI-e-trunk-1] security-key cipher 00E0FC000000