The key-string command specifies a key string that is used for encryption and decryption.
The undo key-string command deletes the key string configuration.
By default, no key string is configured.
| Parameter | Description | Value |
|---|---|---|
| plain plain-text | Indicates the explicit text used for authentication. NOTE:
When configuring an authentication password, select the ciphertext mode because the password is saved in the configuration file as an explicit text if you select the explicit text mode, which has a high risk. To ensure device security, change the password periodically. |
The value is a string of case-sensitive characters that can be letters or digits. The configured text will be stored as unencrypted text and displayed as unencrypted text. The value is a string of case-sensitive characters ranging from 1 to 255. NOTE:
If a password contains a space, the password must be placed into a pair of double quotation marks. Only one pair of double quotation marks can be used for each user name. |
| cipher cipher-text | Indicates the ciphertext used for authentication. |
The value is a string of case-sensitive characters that can be letters or digits. The authentication password can be a string of 1 to 255 characters in explicit text or a string of 20 to 392 characters in ciphertext. NOTE:
If a password contains a space, the password must be placed into a pair of double quotation marks. Only one pair of double quotation marks can be used for each user name. |
Usage Scenario
In keychain authentication mode, secure protocol packet transmission is provided by changing the authentication algorithm and key dynamically. This can prevent unauthorized users from obtaining the key and authentication and encryption algorithms, and reduce the workload of changing the algorithm and key manually.
Each keychain consists of multiple key IDs that are valid within different time periods and each key ID is configured with an authentication algorithm. When a key ID becomes valid, the corresponding authentication algorithm is used.
When configuring an authentication algorithm, configure a key for protocol packet authentication.
Precautions
An authentication key configured in ciphertext mode will be also displayed in ciphertext mode. Therefore, remember the explicit text key string when configuring the key in cipher text mode.
If the authentication key is not configured, the corresponding key ID remains in the inactive state.