Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Generate a digital signature on EAST

In this example, you generate EAST's digital signature. This signature will have two parts: a public part (the public key) and a private part (the private key). The public key will be shared with WEST; the private key will remain secret.

To generate an RSA digital signature for system EAST, perform the following steps in operational mode.

Table 1. Generating a digital signature on EAST
Step Command

Generate the key.

vyatta@EAST> generate vpn rsa-key

The system warns you that the existing RSA key file will be overwritten. You have the opportunity to exit the key generation process by pressing <Ctrl>+c.

A local RSA key file already exists and will be overwritten
<CTRL>C to exit: 5

The system indicates the location of the file where the key will be written.

Generating rsa-key to /config/ipsec.d/rsa-keys/localhost.key
The system indicates the location of the file where the key will be written, generates the key, and displays the fingerprint.
Your new local RSA key has been generated.
RSA key fingerprint: 74:83:53:c1:2e:11:7b:ba:c5:6e:5a:ee:b1:7a:6d:7b

vyatta@EAST>