Assigning a time-independent key to a chain

A time-independent key has no Accept or Send time constraints. It is valid from boot-up until you change it. If you use a time-independent key, then it is the only key needed for a key chain entry.

Syntax

[no] key-chain chain_name key key_id

Generates or deletes a key in the key chain entry <chain_name> . Using the optional no form of the command deletes the key. The <key_id> is any number from 0-255.

[key-string key_str]

This option lets you specify the key value for the protocol using the key. The <key_str> can be any string of up to 14 characters in length.

[accept-lifetime infinite] [send-lifetime infinite]

accept-lifetime infinite:Allows packets with this key to be accepted at any time from boot-up until the key is removed.

send-lifetime infinite: Allows the switch to send this key as authorization, from boot-up until the key is removed.

show key-chain chain_name

Displays the detail information about the keys used in the key chain named chain_name .

Example

To generate a new time-independent key for the switch key chain entry:

Adding and displaying a time-independent key to a key chain entry