display keychain
Use display keychain to display keychain information.
Syntax
display keychain [ name keychain-name [ key key-id ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
name keychain-name: Specifies a keychain by its name, a case-sensitive string of 1 to 63 characters. If you do not specify a keychain, this command displays information about all keychains.
key key-id: Specifies a key by its ID in the range of 0 to 281474976710655. If you do not specify a key, this command displays information about all keys in a keychain.
Examples
# Display information about all keychains.
<Sysname> display keychain Keychain name : abc Mode : absolute Accept tolerance : 0 TCP kind value : 254 TCP algorithm value HMAC-MD5 : 5 MD5 : 3 Default send key ID : 2 (Inactive) Active send key ID : 1 Active accept key IDs: 1 2 Key ID : 1 Key string : $c$3$vuJpEX3Lah7xcSR2uqmrTK2IZQJZguJh3g== Algorithm : md5 Send lifetime : 01:00:00 2015/01/22 to 01:00:00 2015/01/25 Send status : Active Accept lifetime : 01:00:00 2015/01/22 to 01:00:00 2015/01/27 Accept status : Active Key ID : 2 Key string : $c$3$vuJpEX3Lah7xcSR2uqmrTK2IZQJZguJh3g== Algorithm : md5 Send lifetime : 01:00:01 2015/01/25 to 01:00:00 2015/01/27 Send status : Inactive Accept lifetime : 01:00:00 2015/01/22 to 01:00:00 2015/01/27 Accept status : Active
Table 15: Command output
Field | Description |
---|---|
Mode | Time mode for the keychain. |
Accept tolerance | Tolerance time (in minutes) for accept keys of the keychain. |
TCP kind value | Value for the TCP kind field. |
TCP algorithm value | ID of the TCP authentication algorithm. |
Default send key ID | ID of the default send key. The status for the key is displayed in parentheses. |
Key string | Key string in encrypted form. |
Algorithm | Authentication algorithm for the key:
|
Send lifetime | Sending lifetime for the key. |
Send status | Status of the send key: Active or Inactive. |
Accept lifetime | Receiving lifetime for the key. |
Accept status | Status of the accept key: Active or Inactive. |