Generating local key pairs
Generate local key pairs on the SFTP client when the SFTP server uses the authentication method publickey, password-publickey, or any.
Configuration restrictions and guidelines
When you generate local key pairs on an SFTP client, follow these restrictions and guidelines:
Local DSA, ECDSA, and RSA key pairs for SSH use default names. You cannot assign names to the key pairs.
The SFTP client operating in FIPS mode supports only ECDSA and RSA key pairs.
The key modulus length must be less than 2048 bits when you generate a DSA key pair.
Configuration procedure
To generate local key pairs on the SFTP client:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Generate local key pairs. | public-key local create { dsa | ecdsa secp256r1 | rsa } | By default, no local key pairs exist on an SFTP client. |