The key-pair label command creates the key-pairs with specified label name.
The undo key-pair label command deletes the key-pairs with specified label name.
By default, a device does not have local key pairs or server key pairs.
| Parameter | Description | Value |
|---|---|---|
| label-name |
Specifies the label name of the key pair. |
The value is a string of 1 to 35 case-insensitive characters, spaces not supported. The string can contain only letters, digits, and underscores (_). |
| modulus modulus-bits |
Specifies the key-pair modulus bit value. |
The value is an integer that can be 256, 384, or 521, in bits. The default value is 521 bits. The greater the modulus of a key pair, the higher the security. However, it takes longer time to generate and use key pairs of a greater modulus. |
| ecc |
Specifies to generate the ECC key-pairs. |
- |
| sm2 |
Specifies to generate the SM2 key-pairs. |
- |
| dsa |
Specifies to generate the DSA key-pairs. |
- |
Usage Scenario
The DSA/ECC/SM2 key-pair algorithms are used for user authentication in SSH and ensures security.
Configuration Impact
On execution of the dsa key-pair label command, a new DSA key-pair is generated and stored with the given label name. On execution of the undo dsa key-pair label command, the DSA key-pair with the given label name is deleted from the database.
On execution of the ecc key-pair label command, a new ECC key-pair is generated and stored with the given label name. On execution of the undo ecc key-pair label command, the ECC key-pair with the given label name is deleted from the database.
On execution of the sm2 key-pair label command, a new SM2 key-pair is generated and stored with the given label name. On execution of the undo sm2 key-pair label command, the SM2 key-pair with the given label name is deleted from the database.