© Copyright 2007 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
23
IKE RSA
Authentication
Public Key
RSA RSA public key for IKE
authentication. Generated or
entered like any RSA key, set as
IKE RSA Authentication Key with
the “crypto keyring” or “ca trust-
point” command.
NVRAM “# crypto key zeroize
rsa"
IKE RSA
Encrypted
Nonce Private
Key
RSA RSA private key for IKE encrypted
nonces. Generated like any RSA,
with the “usage-keys” parameter
included.
NVRAM “# crypto key zeroize
rsa"
IKE RSA
Encrypted
Nonce Public
Key
RSA RSA public key for IKE encrypted
nonces. Generated like any RSA,
with the “usage-keys” parameter
included.
NVRAM “# crypto key zeroize
rsa"
IPSec
encryption
key
DES/TRIPLE-
DES/AES
The IPSec encryption key. Zeroized
when IPSec session is terminated.
DRAM
“# Clear Crypto IPSec SA”
IPSec
authentication
key
HMAC-SHA-1 The IPSec authentication key. The
zeroization is the same as above.
DRAM
“# Clear Crypto IPSec SA”
Configuration
encryption
key
AES The key used to encrypt values of
the configuration file. This key is
zeroized when the “no key config-
key” is issued. Note that this
command does not decrypt the
configuration file, so zeroize with
care.
NVRAM “# no key config-key”
Router
authentication
key 1
Shared secret This key is used by the router to
authenticate itself to the peer. The
router itself gets the password (that
is used as this key) from the AAA
server and sends it onto the peer.
The password retrieved from the
AAA server is zeroized upon
completion of the authentication
attempt.
DRAM Automatically upon
completion of
authentication attempt.
PPP
authentication
key
RFC 1334 The authentication key used in
PPP. This key is in the DRAM and
not zeroized at runtime. One can
turn off the router to zeroize this
key because it is stored in DRAM.
DRAM Turn off the router.
Router
authentication
key 2
Shared Secret This key is used by the router to
authenticate itself to the peer. The
key is identical to Router
authentication key 1 except that it
is retrieved from the local database
(on the router itself). Issuing the
“no username password” zeroizes
the password (that is used as this
key) from the local database.
NVRAM “# no username
password”
SSH session
key
Various
symmetric
This is the SSH session key. It is
zeroized when the SSH session is
terminated.
DRAM Automatically when
SSH session terminated
(6 pages)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals