[x]

Keychain commands > tcp-algorithm-id

 

 Next

tcp-algorithm-id

Use tcp-algorithm-id to set an algorithm ID for a TCP authentication algorithm.

Use undo tcp-algorithm-id to restore the default.

Syntax

tcp-algorithm-id { hmac-md5 | md5 } algorithm-id

undo tcp-algorithm-id { hmac-md5 | md5 }

Default

The algorithm ID is 3 for the MD5 authentication algorithm, and is 5 for the HMAC-MD5 authentication algorithm.

Views

Keychain view

Predefined user roles

network-admin

mdc-admin

Parameters

hmac-md5: Specifies the HMAC-MD5 authentication algorithm, which provides a key length of 16 bytes.

md5: Specifies the MD5 authentication algorithm, which provides a key length of 16 bytes.

algorithm-id: Specifies an algorithm ID in the range of 1 to 63.

Usage guidelines

If an application uses keychain authentication during TCP connection establishment, the incoming and outgoing TCP packets will carry the TCP Enhanced Authentication Option. The algorithm-id field in the option represents the authentication algorithm ID. The algorithm IDs are not assigned by IANA. They are vendor-specific.

To communicate with a peer device from another vendor, the local device must have the same algorithm ID as the peer device. For example, if the algorithm ID is 3 for the HMAC-MD5 algorithm on the peer device, you must execute the tcp-algorithm-id hmac-md5 3 command on the local device.

Examples

# Create keychain abc and set the algorithm ID to 1 for the HMAC-MD5 authentication algorithm.

<Sysname> system-view
[Sysname] keychain abc mode absolute
[Sysname-keychain-abc] tcp-algorithm-id hmac-md5 1

prev

 

up

 next

send-lifetime utc 

home

 tcp-kind

© Copyright 2018 Hewlett Packard Enterprise Development LP