Operation Manual

ManualsBrandsTrapeze smart mobile ManualsSoftwareMobility System Software 7.3

421

422

423

424

425

426

427

428

429

430

Cryptography Commands

Mobility System Software Command Reference Guide

Version 7.3

16 – 412

crypto generate key

Generates an RSA public-private encryption key pair that is required for a Certificate Signing

Request (CSR) or a self-signed certificate. For SSH, generates an authentication key.

Syntax

crypto generate key {admin | domain | eap | ssh | web}

{128 | 512 | 1024 | 2048}

Defaults

None.

Access

Enabled.

History

Usage

You can overwrite a key by generating another key of the same type.

SSH requires an SSH authentication key, but you can allow MSS to generate it automatically.

The first time an SSH client attempts to access the SSH server on an MX, the MX automatically

generates a 1024-byte SSH key. If you want to use a 2048-byte key instead, use the crypto

generate key ssh 2048 command to generate one.

Examples

To generate an administrative key for use with RingMaster, type the following

command:

MX# crypto generate key admin 1024

key pair generated

See Also

show crypto key ssh on page 16-419

crypto generate request

Generates a Certificate Signing Request (CSR). This command outputs a PEM-formatted

PKCS #10 text string that you can cut and paste to another location for delivery to a certificate

authority.

This command generates either an administrative CSR for use with RingMaster and Web View, or

an EAP CSR for use with 802.1X clients.

admin Generates an administrative key pair for authenticating the MX to RingMaster or

Web View.

domain Generates a key pair for authenticating management traffic exchanged by MX

switches within a Mobility Domain.

eap Generates an EAP key pair for authenticating the MX to 802.1X supplicants

(clients).

ssh Generates a key pair for authenticating the MX to Secure Shell (SSH) clients.

web Generates an administrative key pair for authenticating the MX to WebAAA

clients.

128 | 512 | 1024 | 2048 Length of the key pair in bits.

Note: The minimum key length for SSH is 1024. The length 128 applies

only to domain and is the only valid option for it.

Version 1.0 Command introduced

Version 2.0 Option ssh added for generating an SSH key

Version 3.0 webaaa option added

Version 4.1 webaaa option renamed to web

Version 5.0 domain option added