rsa peer-public-key

Function

The rsa peer-public-key command configures an encoding format for an RSA public key and enters the RSA public key view.

The undo rsa peer-public-key command deletes the RSA public key.

By default, rsa peer-public-key is not configured.

Format

rsa peer-public-key key-name

rsa peer-public-key key-name encoding-type enc-type

undo rsa peer-public-key key-name

Parameters

Parameter Description Value
key-name

Specifies the RSA public key name.

The name is a string of 1 to 40 characters without a blank space.

When quotation marks are used around the string, spaces are allowed in the string.

encoding-type enc-type

Specifies an encoding format for the RSA public key. The default is DER.

The value is an enumerated type, which can be:

  • der: Specifies the Distinguished Encoding Rules (DER) format for the RSA public key. DER encodes data in hexadecimal format.
  • openssh: Specifies the OpenSSH format for the RSA public key. OpenSSH encodes data in base-64 format and is based on PEM.
  • pem: Specifies the Privacy Enhanced Mail (PEM) format for the RSA public key. PEM encodes data in base-64 format.

Views

System view

Default Level

3: Management level

Task Name and Operations

Task Name Operations
ssh-server write

Usage Guidelines

Usage Scenario

When RSA public key authentication is used, specify the public key of the SSH user's client on the server. When the client logs in to the server, the server uses the specified public key to authenticate the client.

Peer public keys can be in the PKCS#1 format only.

The public key on the client is randomly generated by the client software.

Follow-up Procedure

  1. Run the public-key-code begin command to edit the public key, and copy the RSA public key to the server.
  2. Run the public-key-code end command to return to the RSA public key view.
  3. Run the peer-public-key end command to exit the RSA public key view and return to the system view.
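The following Python code is an added example, not part of the original documentation and not Huawei code. It shows how a client key in OpenSSH one-line form (ssh-rsa AAAA... comment) maps to the PKCS#1 RSAPublicKey structure in DER and prints it as hexadecimal, so the value entered in step 1 under encoding-type der can be checked against the client's key. The function names and the sample key are constructed for illustration.

```python
import base64
import struct

def _read_field(buf, off):
    """Read one length-prefixed field of an SSH key blob (RFC 4251 string)."""
    if off + 4 > len(buf):
        raise ValueError("truncated key blob")
    (size,) = struct.unpack(">I", buf[off:off + 4])
    end = off + 4 + size
    if end > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:end], end

def _der_len(size):
    """DER definite length: short form below 128, long form otherwise."""
    if size < 0x80:
        return bytes([size])
    body = size.to_bytes((size.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _der_int(value):
    """DER INTEGER for a non-negative value (0x00 pad if the top bit is set)."""
    body = value.to_bytes(value.bit_length() // 8 + 1, "big")
    return b"\x02" + _der_len(len(body)) + body

def openssh_rsa_to_pkcs1_der(pub_line):
    """Return PKCS#1 RSAPublicKey DER bytes for an 'ssh-rsa AAAA... comment' line."""
    fields = pub_line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key line")
    blob = base64.b64decode(fields[1], validate=True)
    alg, off = _read_field(blob, 0)
    e_raw, off = _read_field(blob, off)   # SSH order: exponent, then modulus
    n_raw, off = _read_field(blob, off)
    if alg != b"ssh-rsa" or off != len(blob) or not e_raw or not n_raw:
        raise ValueError("malformed ssh-rsa blob")
    e, n = int.from_bytes(e_raw, "big"), int.from_bytes(n_raw, "big")
    body = _der_int(n) + _der_int(e)      # PKCS#1 order: modulus, then exponent
    return b"\x30" + _der_len(len(body)) + body

def _field(data):
    return struct.pack(">I", len(data)) + data

# Constructed sample: a toy 64-bit modulus, far too small for real use.
SAMPLE_N = 0xA1B2C3D4E5F60718
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(
    _field(b"ssh-rsa") + _field(b"\x01\x00\x01")
    + _field(b"\x00" + SAMPLE_N.to_bytes(8, "big"))).decode() + " constructed@example"

if __name__ == "__main__":
    print(openssh_rsa_to_pkcs1_der(SAMPLE_LINE).hex().upper())
```

Lines that are not ssh-rsa keys, or whose blob is truncated or has trailing bytes, are rejected with ValueError rather than converted.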

Precautions

If the RSA public key has been assigned to an SSH user, run the undo ssh user user-name assign rsa-key command to delete the mapping between the RSA public key and the SSH user. If you do not delete the mapping, the undo rsa peer-public-key command cannot delete the RSA public key.

A maximum of 20 RSA public keys can be configured.

Example

# Create an RSA public key named rsakey001 and enter the public key view.
<HUAWEI> system-view
[~HUAWEI] rsa peer-public-key rsakey001 encoding-type der
Enter "RSA public key" view, and you can return the system view with "peer-public-key end".
[*HUAWEI-rsa-public-key]
Copyright © Huawei Technologies Co., Ltd.