Displaying And Maintaining Keychain; Keychain Configuration Example; Network Requirements; Configuration Procedure - HP FlexNetwork 10500 Series Security Configuration Manual

Displaying and maintaining keychain

Execute display commands in any view.
Task
Display keychain information.

Keychain configuration example

Network requirements

As shown in
and use a keychain to authenticate packets between the switches. Configure key 1 and key 2 for the
keychain and make sure key 2 is used immediately when key 1 expires.
Figure 153 Network diagram

Configuration procedure

Configuring Switch A
# Configure IP addresses for interfaces. (Details not shown.)
# Configure OSPF.
<SwitchA> system-view
[SwitchA] ospf 1 router-id 1.1.1.1
[SwitchA-ospf-1] area 0
[SwitchA-ospf-1-area-0.0.0.0] network 192.1.1.0 0.0.0.255
[SwitchA-ospf-1-area-0.0.0.0] quit
[SwitchA-ospf-1] quit
# Create a keychain named abc, and specify the absolute time mode for it.
[SwitchA] keychain abc mode absolute
# Create key 1 for keychain abc, specify an authentication algorithm, and configure a key string and
the sending and receiving lifetimes for the key.
[SwitchA-keychain-abc] key 1
[SwitchA-keychain-abc-key-1] authentication-algorithm hmac-sha-256
[SwitchA-keychain-abc-key-1] key-string plain 123456
[SwitchA-keychain-abc-key-1] send-lifetime utc 10:00:00 2015/02/06 to 11:00:00 2015/02/06
[SwitchA-keychain-abc-key-1] accept-lifetime utc 10:00:00 2015/02/06 to 11:00:00
2015/02/06
[SwitchA-keychain-abc-key-1] quit
# Create key 2 for keychain abc, specify an authentication algorithm, and configure a key string and
the sending and receiving lifetimes for the key.
[SwitchA-keychain-abc] key 2
Command
display keychain [ name keychain-name [ key key-id ] ]
Figure 153, establish an OSPF neighbor relationship between Switch A and Switch B,
522