authentication-mode

Function

The authentication-mode command configures an E-Trunk authentication and encryption mode.

The undo authentication-mode command restores the default configuration.

By default, the E-Trunk authentication and encryption mode is ENHANCED-HMAC-SHA256.

Format

authentication-mode mode

undo authentication-mode

Parameters

Parameter Description Value
mode

Indicates the mode of E-Trunk authentication and encryption.

Enumerated type. Options: hmac-sha1, hmac-sha256, and enhanced-hmac-sha256.

Views

E-Trunk view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
etrunk write

Usage Guidelines

Usage Scenario

The Hash-based Message Authentication Code (HMAC) algorithm uses the hash algorithm and outputs a message digest after a key and message are input.

By default, the E-Trunk authentication and encryption mode is HMAC-SHA1. run the authentication-mode command to set the E-Trunk authentication and encryption mode to HMAC-SHA2-256 or ENHANCED-HMAC-SHA256.

Follow-up Procedure

Run the security-key command to configure a password for encrypting E-Trunk packets.

Precautions

  • Two devices in an E-Trunk must have the same E-Trunk authentication and encryption mode.
  • Run the undo authentication-mode command to restore the default configuration, the E-Trunk authentication and encryption mode HMAC-SHA1 have a low security, which may bring security risks. To improve system security, run the authentication-mode command to set the E-Trunk authentication and encryption mode to HMAC-SHA2-256 or ENHANCED-HMAC-SHA256

Example

# Configure the E-Trunk authentication and encryption mode as HMAC-SHA2-256.
<HUAWEI> system-view
[~HUAWEI] e-trunk 1
[*HUAWEI-e-trunk-1] authentication-mode hmac-sha256
Parent Topic: Eth-Trunk Interface Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >