Key Management System
Configuring Key Chain Management
show key-chain
Displays the current key chains on the switch and their
overall status.
For example, to generate a new key chain entry:
Add new key chain
Entry “Procurve1”.
Display key chain
entries.
Figure 15-1. Adding a New Key Chain Entry
After you add an entry, you can assign key(s) to it for use by a KMS-enabled
protocol.
Assigning a Time-Independent Key to a Chain
A time-independent key has no Accept or Send time constraints. It is valid
from boot-up until you change it. If you use a time-independent key, then it is
the only key needed for a key chain entry.
Syntax: [no] key-chain < chain_name > key < key_id >
Generates or deletes a key in the key chain entry
< chain_name >. Using the optional no form of the
command deletes the key. The < key_id > is any
number from 0-255.
[ key-string < key_str > ]
This option lets you specify the key value for the
protocol using the key. The < key_str > can be any
string of up to 14 characters in length.
15-4
