Generating local key pairs
Generate local key pairs on the SCP client when the SCP server uses the authentication method publickey, password-publickey, or any.
Configuration restrictions and guidelines
When you generate local key pairs on an SCP client, follow these restrictions and guidelines:
Local DSA, ECDSA, and RSA key pairs for SSH use default names. You cannot assign names to the key pairs.
The SCP client operating in FIPS mode supports only ECDSA and RSA key pairs.
The key modulus length must be less than 2048 bits when you generate a DSA key pair.
Configuration procedure
To generate local key pairs on the SCP client:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Generate local key pairs. | public-key local create { dsa | ecdsa { secp256r1 | secp384r1 } | rsa } | By default, no local key pairs exist on an SCP client. |