Network requirements
Create and export an RSA key pair on Device A, and then import the key pair to Device B.
Figure 79: Network diagram
Configuration procedure
Configure Device A:
# Create a local RSA key pair named rsa1 with the default modulus length of 1024 bits.
<DeviceA> system-view[DeviceA] public-key local create rsa name rsa1The range of public key size is (512 ~ 2048).NOTES: If the key modulus is greater than 512,It will take a few minutes.Press CTRL+C to abort.Input the bits of the modulus[default = 1024]:Generating Keys...+++++++++++++++++++++++++++++++++++
# Export the RSA key pair rsa1 by using the encryption algorithm 3DES CBC and password 12345678.
[DeviceA] public-key local export rsa name rsa1 pem 3des-cbc-128 12345678-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6Ne4EtnoKqBCL2YZvSjrG+8Hesae5FWtyj9D25PEkXagpLqb3i9Gm/Qbb6cqLLPUIgDS8eK7Wt/dXLeFUCDc0lY8VgujJPvarFL4+Jn+VuL9znNbboA9IxPH2fMvew8lkPCwkXoP+52J+1LRpYkh+rIpEKj7FG/3/wzGsXu8WJQIDAQAB-----END PUBLIC KEY----------BEGIN RSA PRIVATE KEY-----Proc-Type: 4,ENCRYPTEDDEK-Info: DES-EDE3-CBC,7F8FAB15399DF87CMGaftNqe4esjetm7bRJHSpsbwZ9YUpvA9iWh8R406NGq8e+1A/ZiK23+t1XqRwaU1FXnwbqHgW1pZ7JxQdgBuC9uXc4VQyP/xe6xCyUepdMC71fmeOaiwUFrj6LAzzBgo3SfhX1NHyHBnr7c6SnIeUTG2g/qRdj40TD4HcRjgPaLaTGguZ553GyS6ODWAwL7ZBTjv+vow9kfewZ74ocoBje2gLcWlbmiEKCJGV06zW4gv2AH6I8TAhv4GovIN/v1lCsD2PscXnPOloLTE/8EDLRHNE8RpIYDWqI/YI8Yg6wlx29mf29+cj/9r4gPrDPyc/TQ0a0g95Khdy+yl4eDKaFiQQ+Kqn4zdzDTDNq7LRtqr7lGQzVw6srfrr71ib7JyJFdi2RXETEgOS/jE+xGtNqd38F/YzIRPax7NNMK+hAJC2MzdbN/BEoLWOqG7PlmhvCE3LFxelExLJU+0XfAX77TI2+5LEHBi1UiGLeH08fd1XUQCefARlIxGoRJdtTugHP4+NF4PC9B1/GZoAYUp+171p1QwPk0vyU3TXijueqVUpQBUHGxSE0UW+SS1iwL8vsSLHIwK4aZ77Z1o+Uw1QBoqw9jpubG4gUkX8RII8E8b13I6/QTH78E4/FgAmIQHTYnE2RDHXkhPGR5FGJsZnd21XLvd2BEkGGmhTk80nDeiI2XH3D48E6UahQwcam/q/txd/KsLnp0rpJkc/WhOTprioeLQQEBayixKRWzNLsZt3L6lqYbA01Z1THho+EV0Ng0EZKQyiRV1j7gsBYFRinbSAsIpeYlr7gDAnBCRJdSfPNBKG+ewg==-----END RSA PRIVATE KEY-----
Copy the private key (started from -----BEGIN RSA PRIVATE KEY----- ) to a file for later import.
Configure Device B:
# Import the RSA key pair in PEM format, and name the imported RSA key pair as rsa1 on Device B.
When you see End with a Ctrl+C on a line by itself, copy the private key of the RSA key pair to Device B, press Ctrl+C, and then enter the password used to encrypt the RSA key pair when the key pair was exported.
[DeviceB] public-key local import rsa name rsa1 pemEnter PEM-formatted certificate.End with a Ctrl+C on a line by itself.-----BEGIN RSA PRIVATE KEY-----Proc-Type: 4,ENCRYPTEDDEK-Info: DES-EDE3-CBC,7F8FAB15399DF87CMGaftNqe4esjetm7bRJHSpsbwZ9YUpvA9iWh8R406NGq8e+1A/ZiK23+t1XqRwaU1FXnwbqHgW1pZ7JxQdgBuC9uXc4VQyP/xe6xCyUepdMC71fmeOaiwUFrj6LAzzBgo3SfhX1NHyHBnr7c6SnIeUTG2g/qRdj40TD4HcRjgPaLaTGguZ553GyS6ODWAwL7ZBTjv+vow9kfewZ74ocoBje2gLcWlbmiEKCJGV06zW4gv2AH6I8TAhv4GovIN/v1lCsD2PscXnPOloLTE/8EDLRHNE8RpIYDWqI/YI8Yg6wlx29mf29+cj/9r4gPrDPyc/TQ0a0g95Khdy+yl4eDKaFiQQ+Kqn4zdzDTDNq7LRtqr7lGQzVw6srfrr71ib7JyJFdi2RXETEgOS/jE+xGtNqd38F/YzIRPax7NNMK+hAJC2MzdbN/BEoLWOqG7PlmhvCE3LFxelExLJU+0XfAX77TI2+5LEHBi1UiGLeH08fd1XUQCefARlIxGoRJdtTugHP4+NF4PC9B1/GZoAYUp+171p1QwPk0vyU3TXijueqVUpQBUHGxSE0UW+SS1iwL8vsSLHIwK4aZ77Z1o+Uw1QBoqw9jpubG4gUkX8RII8E8b13I6/QTH78E4/FgAmIQHTYnE2RDHXkhPGR5FGJsZnd21XLvd2BEkGGmhTk80nDeiI2XH3D48E6UahQwcam/q/txd/KsLnp0rpJkc/WhOTprioeLQQEBayixKRWzNLsZt3L6lqYbA01Z1THho+EV0Ng0EZKQyiRV1j7gsBYFRinbSAsIpeYlr7gDAnBCRJdSfPNBKG+ewg==-----END RSA PRIVATE KEY-----^CPlease input the password:
Verifying the configuration
Verify that the public key of RSA key pair rsa1 on Device B is the same as the public key of RSA key pair rsa1 on Device A.
# Display the public key information of local RSA key pairs on Device B.
<DeviceB> display public-key local rsa publicTime of Key pair created: 14:42:29 2013/03/21Key name: rsa1Key type: RSA=====================================================Key code:30819F300D06092A864886F70D010101050003818D0030818902818100CD7891BEB84FEE1F6ECF45C4D533B03BAFD73A983D3DEA9FE362C153D6E2BEB80DD234E749A42A5541F23B6C45AEC04C7F80D81F40B18105A88DFDE1802279062906F8DC65872A1F763F7BF471548D709118494C5F6220E58D5F2722A7A183999075EB494828DB7843855A81A0E701C1CDC15BBEF136329308DC179CD9D38BB30203010001<DeviceB>
# Display the public key information of the local RSA key pairs on Device A.
<DeviceA> display public-key local rsa publicTime of Key pair created: 14:42:29 2013/03/21Key name: rsa1Key type: RSA=====================================================Key code:30819F300D06092A864886F70D010101050003818D0030818902818100CD7891BEB84FEE1F6ECF45C4D533B03BAFD73A983D3DEA9FE362C153D6E2BEB80DD234E749A42A5541F23B6C45AEC04C7F80D81F40B18105A88DFDE1802279062906F8DC65872A1F763F7BF471548D709118494C5F6220E58D5F2722A7A183999075EB494828DB7843855A81A0E701C1CDC15BBEF136329308DC179CD9D38BB30203010001