public-key local export ecdsa

Use public-key local export ecdsa to export a local ECDSA host public key.

Syntax

public-key local export ecdsa [ name key-name ] { openssh | ssh2 } [ filename ]

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

name key-name: Specifies a local ECDSA key pair by its name, a case-insensitive string of 1 to 64 characters. Valid characters are letters, digits, and hyphens (-). If you do not specify a key pair, this command exports the host public key of the local ECDSA key pair with the default name.

openssh: Exports the host public key in OpenSSH format.

ssh2: Exports the host public key in SSH 2.0 format.

filename: Specifies the name of the file for saving the local host public key. The file name is a case-insensitive string of 1 to 128 characters. The name cannot be dots (.), hostkey, serverkey, dsakey, or ecdsakey, and it cannot start with a slash (/) or contain ./ or ../. For more information about file names, see Fundamentals Configuration Guide. If you do not specify a file name, this command displays the key on the monitor screen.

Usage guidelines

You can use this command to export a local ECDSA host public key before distributing it to a peer device.

To distribute a local ECDSA host public key to a peer device:

  1. Save the exported ECDSA host public key to a file by using one of the following methods:

    • Use the public-key local export ecdsa [ name key-name ] { openssh | ssh2 } command to export the local host public key, and then copy and paste it to a file.

    • Use the public-key local export ecdsa [ name key-name ] { openssh | ssh2 } filename command to export the host public key to a file. You cannot export the key to the folder pkey or its subfolders.

  2. Transfer a copy of the file to the peer device, for example, by using FTP in binary mode or TFTP. For more information about FTP and TFTP, see Fundamentals Configuration Guide.

  3. On the peer device, use the public-key peer import sshkey command to import the host public key from the file.

SSH 2.0 and OpenSSH are different public key formats. Choose the format that is supported by the device on which you import the host public key.

Only the ECDSA host public key generated by using the secp256r1 curve can be exported.
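The following Python script is an added example, not part of this command reference or of the device software. It reads an export in either format, checks that the key blob is an ecdsa-sha2-nistp256 key on nistp256 (the SSH name for secp256r1), and computes the SHA256 fingerprint, so that the file received on the peer device can be compared with the key displayed on the exporting device before it is imported. The sample key is the one shown in the Examples section of this page; the SSH 2.0 body wrapped at 70 characters and all function names are assumptions of the example.

```python
import base64, hashlib, struct

# Key material copied from the Examples section of this page.
B64 = ("AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBREw5tkARpbV+sY"
       "Art/xcW+UJEAevx7OckTtTLPBiLP5bWkSdKbvo+3oHRuIyZqmNTIcxuBjuBap+pHc919C58=")
OPENSSH_TEXT = "ecdsa-sha2-nistp256 " + B64 + " ecdsa-key\n"
# Constructed: the same key as an SSH 2.0 (RFC 4716) file, body wrapped at 70 chars.
SSH2_TEXT = ("---- BEGIN SSH2 PUBLIC KEY ----\n"
             'Comment: "ecdsa-sha2-nistp256-2014/07/06"\n'
             + B64[:70] + "\n" + B64[70:] + "\n---- END SSH2 PUBLIC KEY ----\n")

def key_blob(text):
    """Return the raw key blob from an OpenSSH or SSH 2.0 (RFC 4716) export."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if not lines[0].startswith("---- BEGIN SSH2 PUBLIC KEY"):
        return base64.b64decode(lines[0].split()[1], validate=True)  # "type base64 comment"
    body, in_header = [], False
    for line in lines[1:]:
        if line.startswith("---- END"):
            break
        if in_header or ":" in line:        # header line, possibly continued with "\"
            in_header = line.endswith("\\")
            continue
        body.append(line)
    return base64.b64decode("".join(body), validate=True)

def read_string(buf, off):  # one length-prefixed SSH string -> (bytes, next offset)
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n], off + 4 + n

def check_ecdsa_p256(blob):
    """Require algorithm/curve nistp256 (secp256r1) and a 65-byte uncompressed point."""
    alg, off = read_string(blob, 0)
    curve, off = read_string(blob, off)
    point, off = read_string(blob, off)
    if alg != b"ecdsa-sha2-nistp256" or curve != b"nistp256":
        raise ValueError("not an ECDSA secp256r1 key")
    if off != len(blob) or len(point) != 65 or point[0] != 4:
        raise ValueError("malformed EC point")
    return alg.decode(), curve.decode(), len(point)

def fingerprint(blob):  # same form as printed by ssh-keygen -l
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

if __name__ == "__main__":
    for text in (OPENSSH_TEXT, SSH2_TEXT):
        print(check_ecdsa_p256(key_blob(text)), fingerprint(key_blob(text)))
```

Both formats carry the same key blob, so the two fingerprints match; a fingerprint that differs after an FTP or TFTP transfer means the file is not the key that was exported.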

Examples

# Export the host public key of the local ECDSA key pair with the default name in OpenSSH format to the file named key.pub.

<Sysname> system-view
[Sysname] public-key local export ecdsa openssh key.pub

# Display the host public key of the local ECDSA key pair with the default name in SSH 2.0 format.

<Sysname> system-view
[Sysname] public-key local export ecdsa ssh2
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "ecdsa-sha2-nistp256-2014/07/06"
AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBREw5tkARpbV+sYArt/xcW+UJEAevx7OckTtTLPBiLP5bWkSdKbvo+3oHRuIyZqmNTIcxuBjuBap+pHc919C58=
---- END SSH2 PUBLIC KEY ----

# Display the host public key of the local ECDSA key pair with the default name in OpenSSH format.

<Sysname> system-view
[Sysname] public-key local export ecdsa openssh
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBREw5tkARpbV+sYArt/xcW+UJEAevx7OckTtTLPBiLP5bWkSdKbvo+3oHRuIyZqmNTIcxuBjuBap+pHc919C58= ecdsa-key

Related commands

public-key local create

public-key peer import sshkey