Comware

  • 1.  Unable to manually configure peers SSH public-keys

    Posted Dec 26, 2024 08:46 AM
    Edited by yann84 Dec 26, 2024 08:46 AM

    Hello,

    I would like to specify a list of clients' public keys authorized to connect to an HPE A5510 switch.

    I'm facing the following error: Invalid key code, because the length of it is not even. when following the steps below:

    [SW-HPE] public-key peer pk1
    [SW-HPE-pkey-public-key-pk1] ...33A1B123D7DE4C112D42E70F3AAFC34446E923FD595FD1779476...
    [SW-HPE-pkey-public-key-pk1] peer-public-key end
    Invalid key code, because the length of it is not even.
    [SW-HPE]

    I have generated a pair of private/public keys using PuttyGen (RSA/2048 bits). I then have tried to convert my public key to a hexadecimal format using various online converting tools (from Base64 to HEX for instance) but it seems the format is still not the good one... The doc mentions PKCS format but I can't figure out the conversion of the PuttyGen public key to the good format. I hope I can deal with my actual key and that it won't be necessary to generate a new one using OpenSSH.

    Am I missing something? Any advice on this process would be much appreciated.

    Thanks in advance.



  • 2.  RE: Unable to manually configure peers SSH public-keys

    Posted Dec 29, 2024 03:24 AM

    Hi @yann84 .

    You should be able to add a new public key with command:

    public-key peer <public key name> import sshkey <public key file>

    Public Key file should be in the format

    ssh-rsa <key cipher> or ssh-dss <key cipher>

    Copy public key file to the switch and import it.

    This file format is natively generated by PuTTYgen

    Best, Gorazd



    ------------------------------
    Gorazd Kikelj
    MVP Guru 2024
    ------------------------------



  • 3.  RE: Unable to manually configure peers SSH public-keys

    Posted Feb 06, 2025 10:12 AM

    Hi @GorazdKikelj,

    Thank you for your reply! And sorry for this late update as I've not been able to get back to this subject so far...

    I eventually managed to copy the file containing the peer public key on the switch (TFTP) but I still get stuck with importing the key.

    Here are the steps I followed:

    • Copy file to the switch with copy tftp://<IP Address>/imc-key.txt imc-key.txt
    • Copy succeeds as I can see the copied file on the switch using dir command
    • Enter system-view
    • Import key using command public-key peer imc import sshkey imc-key.txt
    • Command seems to pass as no error message is returned
    • Check peer public keys installed on the switch using command display public-key peer name imc : nothing is returned (key not installed)

    The switch logbuffer is not helpful but shows that things didn't go well:

    <SWITCH>display logbuffer reverse
    ...
    %Jan  1 04:40:04:939 2013 SWITCH SHELL/4/SHELL_CMD_EXECUTEFAIL: -User=admin-IPAddr=192.168.0.1; Command public-key peer imc import sshkey imc-key.txt in view system failed to be executed.
    %Jan  1 04:40:04:938 2013 SWITCH SHELL/6/SHELL_CMD: -Line=vty0-IPAddr=192.168.0.1-User=admin; Command is public-key peer imc import sshkey imc-key.txt

    I have tried various file extensions: no extension, pub or txt.

    Please let me know if you have any idea on this situation.




  • 4.  RE: Unable to manually configure peers SSH public-keys

    Posted Feb 06, 2025 11:06 AM

    Hi @yann84.

    Is the content of your public key file in the format of:

    ssh-rsa XXASDFKDKFJHLKFWLEKFNWEKLJ...

    or

    ssh-dss XXKLJKIJOIH...

    Best, Gorazd



    ------------------------------
    Gorazd Kikelj
    MVP Guru 2024
    ------------------------------
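
The file-format question raised in the last reply can be checked on a workstation before the file is copied to the switch. The following is an added example, not code from the thread or from HPE: it validates that a key file is a one-line `ssh-rsa`/`ssh-dss` key and converts an RFC 4716 file (the `---- BEGIN SSH2 PUBLIC KEY ----` form that PuTTYgen's "Save public key" button writes) into that one-line form. The function names and the sample key are constructed for illustration.

```python
import base64
import struct

def _ssh_string(data):
    """Encode bytes as an RFC 4251 string: 4-byte big-endian length + data."""
    return struct.pack(">I", len(data)) + data

def _read_string(blob, off):
    """Decode one RFC 4251 string at off; return (data, next_offset)."""
    if off + 4 > len(blob):
        raise ValueError("truncated key blob")
    (n,) = struct.unpack_from(">I", blob, off)
    if off + 4 + n > len(blob):
        raise ValueError("truncated key blob")
    return blob[off + 4:off + 4 + n], off + 4 + n

def to_openssh_line(text):
    """Return 'ssh-rsa <base64>' (or ssh-dss) from OpenSSH or RFC 4716 text."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    if not lines:
        raise ValueError("empty key file")
    declared = None
    if lines[0].startswith("---- BEGIN SSH2 PUBLIC KEY"):
        body, in_header = [], False
        for l in lines[1:]:
            if l.startswith("---- END SSH2 PUBLIC KEY"):
                break
            if in_header or ":" in l:  # header line or its "\" continuation
                in_header = l.endswith("\\")
                continue
            body.append(l)
        b64 = "".join(body)
    else:
        fields = lines[0].split()
        if len(lines) != 1 or len(fields) < 2:
            raise ValueError("not a one-line '<type> <base64>' key")
        declared, b64 = fields[0], fields[1]
    # The key type is also stored inside the blob; it must match the prefix.
    blob = base64.b64decode(b64, validate=True)
    algo = _read_string(blob, 0)[0].decode("ascii")
    if algo not in ("ssh-rsa", "ssh-dss") or declared not in (None, algo):
        raise ValueError("unsupported or mismatched key type: %r" % algo)
    return "%s %s" % (algo, b64)

# Constructed sample, not a usable key: e = 65537 and a dummy 2048-bit modulus.
SAMPLE_B64 = base64.b64encode(_ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01")
                              + _ssh_string(b"\x00" + b"\xc3" * 256)).decode()
SAMPLE_RFC4716 = "\n".join(
    ['---- BEGIN SSH2 PUBLIC KEY ----', 'Comment: "constructed-sample"']
    + [SAMPLE_B64[i:i + 64] for i in range(0, len(SAMPLE_B64), 64)]
    + ['---- END SSH2 PUBLIC KEY ----'])
```

A hex string such as the one pasted in the first post, or a file whose prefix does not match the type stored in the blob, raises `ValueError` instead of producing a line.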