Install Keys on the Client
In Create the Keys for the Server and the Client, you created the hashing key and encryption key to protect your data during the installation. To enable the client to decrypt the data transmitted from wanserver-1 during the installation, install these keys on wanclient-1.
On wanserver-1, display the key values.
wanserver-1# wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=sha1 b482aaab82cb8d5631e16d51478c90079cc1d463 wanserver-1# wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 |
The previous example uses the following information.
- net=192.168.198.0
-
Specifies the IP address of the client's subnet
- cid=010003BA152A42
-
Specifies the client's ID
- b482aaab82cb8d5631e16d51478c90079cc1d463
-
Specifies the value of the client's HMAC SHA1 hashing key
- 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04
-
Specifies the value of the client's 3DES encryption key
If you use an AES encryption key in your installation, change type=3des to type=aes to display the encryption key value.
At the ok prompt on wanclient-1, install the keys.
ok set-security-key wanboot-hmac-sha1 b482aaab82cb8d5631e16d51478c90079cc1d463 ok set-security-key wanboot-3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 |
The previous commands perform the following tasks.
-
Installs the HMAC SHA1 hashing key with a value of b482aaab82cb8d5631e16d51478c90079cc1d463 on wanclient-1
-
Installs the 3DES encryption key with a value of 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 on wanclient-1
- © 2010, Oracle Corporation and/or its affiliates