Jump to:navigation, search
Wiki

Keys

From Securepoint Wiki



































































De.png
En.png
Fr.png









Key management on the UTM

Last adaptation to the version: 12.6.1

New:
  • New key type: OVPN_STATIC_KEY
notempty
This article refers to a Resellerpreview
Access: Authentication Keys

Preliminary note

  • The keys on the UTM are used both for encryption (e.g. of VPN connections) and for signing (e.g. DKIM)
  • Locally generated keys always consist of a public and a private part
  • Only the public part should end up in someone else's hands


    • Key overview

    Caption Description Keys UTMuser@firewall.name.fqdnAuthentication UTM v12.6 Schluessel Schluesselverwaltung-en.pngKey management
    Name Name of the key
    Type: Key type
    • RSA
    • x25519
    • ed25519
    • OVPN_STATIC_KEY notempty
      New as of v12.6.1
    Hash Hash value of the key
    Length Key bit length

    Export key

    Public part (Format) Key part is saved as a file in the set format (see below)
    Public part (Format) Key part is copied to the clipboard in the set format (see below)
    Delete Deletes the key
    Opens the key export settings
    		UTM v12.6 Schluessel Exporteinstellungen-en.png
    Dropdown menu with settings for key export
    Export destination FileClipboard Exports the respective key part either to a file or to the clipboard
    RSA export format: PemHEXB64 Exports the RSA key part in Pem, Hex or Base64 format
    ED25519/X25519 Export Format: PemRAW Exports ED25519/X25519 keys in Pem or RAW format

    Add key

    Create a new key with the Add key button.
    Name: RSA-Demo Enter the desired name of the key Add key UTMuser@firewall.name.fqdnAuthenticationKeys UTM v12.6 Schluessel Schluessel hinzufuegen-en.pngAdd key dialog
    Type: RSA Select cryptographic method
    RSA used for: IPSec, Mailrelay
    ED25519 Used for: Mailrelay (signing)
    X25519 Used for: WireGuard
    OVPN_STATIC_KEY notempty
    New as of v12.6.1
    		 Used for static SSL VPN keys (openvpn tls-auth)
    Key length:
    Only for RSA:

    512

    1024

    2048

    3072 (Default)

    4096

    		 Select bit-length of the key
    		Creates the key and closes the dialogue
    		Closes the dialogue without creating a key

    Import key

    Import a key by clicking the Import key button.
    Import from file
    Import from file
    Import Option: FileClipboard The import is done from a file.
    The key name corresponds to the file name followed by the format     		Import key UTMuser@firewall.name.fqdnAuthenticationKeys Upload UTM v12.6 Schluessel Schluessel importieren-en.pngImport key from file dialog
    Datei: Browse... Select the file that contains the key to be imported
    File type: determine automatically The key type can be determined automatically.
    Alternatively, type can be specified manually.
    Format PEM RAW HEX B64 Select the format in which the key is provided
    Type:
    Only for RAW, HEX & B64    		 private The key is to be imported as a private key part
    public The key is to be imported as a public key part
    Import from clipboard
    Import from clipboard
    Import Option: FileClipboard The import is carried out by entering a value Import key UTMuser@firewall.name.fqdnAuthenticationKeys Upload UTM v12.6 Schluessel Schluessel importieren Zwischenablage-en.pngDialog Import key from clipboard
    Name ed25519-mx.ttt-point.de Enter the desired name of the key
    Key value MCowBQYDK2VwAyEA… Key from the clipboard
    File type: determine automatically The key type can be determined automatically.
    Alternatively, type can be specified manually.
    Format PEM RAW HEX B64 Select the format in which the key is provided
    Type:
    Only for RAW, HEX & B64    		 private The key is to be imported as a private key part
    public The key is to be imported as a public key part


    Retrieved from "https://wiki.securepoint.de/index.php?title=UTM/AUTH/Schluessel&oldid=94838"