7-46
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
OL-12247-04
Chapter 7 Configuring Switch-Based Authentication
Configuring the Switch for Secure Shell
Understanding SSH
SSH is a protocol that provides a secure, remote connection to a device. SSH provides more security for
remote connections than Telnet does by providing strong encryption when a device is authenticated. This
software release supports SSH Version 1 (SSHv1) and SSH Version 2 (SSHv2).
This section consists of these topics:
•
SSH Servers, Integrated Clients, and Supported Versions, page 7-46
•
Note
The SSH connection to the stack can be lost if a stack master running the cryptographic software image
and the IP base or the IP services feature set fails and is replaced by a switch that is running a
noncryptographic image and the same feature set. We recommend that a switch running the
cryptographic software image and the IP base or IP services feature set be the stack master. Encryption
features are unavailable if the stack master is running the noncryptographic software image and the
feature set.
SSH Servers, Integrated Clients, and Supported Versions
The SSH feature has an SSH server and an SSH integrated client, which are applications that run on the
switch. You can use an SSH client to connect to a switch running the SSH server. The SSH server works
with the SSH client supported in this release and with non-Cisco SSH clients. The SSH client also works
with the SSH server supported in this release and with non-Cisco SSH servers.
The switch supports an SSHv1 or an SSHv2 server.
The switch supports an SSHv1 client.
SSH supports the Data Encryption Standard (DES) encryption algorithm, the Triple DES (3DES)
encryption algorithm, and password-based user authentication.
SSH also supports these user authentication methods:
•
(for more information, see the
“Controlling Switch Access with ” section on
•
RADIUS (for more information, see the
“Controlling Switch Access with RADIUS” section on
•
Local authentication and authorization (for more information, see the
Local Authentication and Authorization” section on page 7-44
Note
This software release does not support IP Security (IPSec).