Configuring Text for a Key
Command or Action
switch(config)# copy running-config startup-config
Related Topics
Configuring Text for a Key
You can configure the text for a key. The text is the shared secret. The device stores the text in a secure format.
By default, accept and send lifetimes for a key are infinite, which means that the key is always valid. After
you configure the text for a key, configure the accept and send lifetimes for the key.
Before you begin
Determine the text for the key. You can enter the text as unencrypted text or in the encrypted form that Cisco
NX-OS uses to display key text when you use the show key chain command. Using the encrypted form is
particularly helpful if you are creating key text to match a key as shown in the show key chain command
output from another device.
SUMMARY STEPS
1. configure terminal
2. key chain name
3. key key-ID
4. key-string [encryption-type] text-string
5. (Optional) show key chain name [mode decrypt]
6. (Optional) copy running-config startup-config
DETAILED STEPS
Command or Action
Step 1
configure terminal
Example:
switch# configure terminal
switch(config)#
Step 2
key chain name
Example:
switch(config)# key chain bgp-keys
switch(config-keychain)#
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
424
About AES Password Encryption and Master Encryption
About AES Password Encryption and Master Encryption
Configuring Text for a
Key, on page 424
Configuring Accept and Send Lifetimes for a
Purpose
This command is necessary to synchronize the
Note
master key in the running configuration and the
startup configuration.
Keys, on page 413
Keys, on page 413
Key, on page 425
Purpose
Enters global configuration mode.
Enters keychain configuration mode for the keychain that
you specified.
Configuring Keychain Management