Install Keys on the Client
In Create the Keys for the Server and the Client, you created the hashing key and encryption key to protect your
data during the installation. To enable the client to decrypt the data transmitted
from wanserver-1 during the installation, install these keys on wanclient-1.
On wanserver-1, display the key values.
wanserver-1# wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=sha1
b482aaab82cb8d5631e16d51478c90079cc1d463
wanserver-1# wanbootutil keygen -d -c -o net=192.168.198.0,cid=010003BA152A42,type=3des
9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04
The previous example uses the following information.
- net=192.168.198.0
Specifies the IP address of the client's subnet
- cid=010003BA152A42
Specifies the client's ID
- b482aaab82cb8d5631e16d51478c90079cc1d463
Specifies the value of the client's HMAC SHA1 hashing key
- 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04
Specifies the value of the client's 3DES encryption key
If you use an AES encryption key in your installation, change type=3des to type=aes to display the encryption key value.
At the ok prompt on wanclient-1, install the keys.
ok set-security-key wanboot-hmac-sha1 b482aaab82cb8d5631e16d51478c90079cc1d463
ok set-security-key wanboot-3des 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04
The previous commands perform the following tasks.
Installs the HMAC SHA1 hashing key with a value of b482aaab82cb8d5631e16d51478c90079cc1d463 on wanclient-1
Installs the 3DES encryption key with a value of 9ebc7a57f240e97c9b9401e9d3ae9b292943d3c143d07f04 on wanclient-1