Configuring Secure Shell (SSH)
Overview
Overview
Feature
Default
Menu
CLI
Web
Generating a public/private key pair on the switch
No
n/a
n/a
Using the switch’s public key
n/a
n/a
n/a
Enabling SSH
Disabled
n/a
n/a
Enabling client public-key authentication
Disabled
n/a
n/a
Enabling user authentication
Disabled
n/a
n/a
The switches covered in this guide use Secure Shell version 2 (SSHv2) to
provide remote access to management functions on the switches via
encrypted paths between the switch and management station clients capable
of SSH operation.
SSH provides Telnet-like functions but, unlike Telnet, SSH provides encrypted,
authenticated transactions. The authentication types include:
■
Client public-key authentication
■
Switch SSH and user password authentication
Client Public Key Authentication (Login/Operator Level) with User
Password Authentication (Enable/Manager Level).
This option uses
one or more public keys (from clients) that must be stored on the switch. Only
a client with a private key that matches a stored public key can gain access
to the switch. (The same private key can be stored on one or more clients.)
ProCurve
Switch
(SSH
Server)
1. Switch-to-Client SSH authentication.
2.Client-to-Switch (
login rsa
) authentication
3.User-to-Switch (enable password) authentication
options:
– Local
–
– RADIUS
– None
SSH
Client
Work-
Station
Figure 7-1. Client Public Key Authentication Model
N o t e
SSH in ProCurve switches is based on the OpenSSH software toolkit. For more
information on OpenSSH, visit
.
7-2
Summary of Contents for PROCURVE 2910AL
Page 1: ...Access Security Guide ProCurve Switches W 14 03 2910al www procurve com ...
Page 2: ......
Page 3: ...HP ProCurve 2910al Switch February 2009 W 14 03 Access Security Guide ...
Page 84: ...Configuring Username and Password Security Front Panel Security 2 36 ...
Page 156: ...TACACS Authentication Operating Notes 4 30 ...
Page 288: ...Configuring Secure Socket Layer SSL Common Errors in SSL setup 8 22 ...
Page 416: ...Configuring Advanced Threat Protection Using the Instrumentation Monitor 10 28 ...
Page 572: ...Using Authorized IP Managers Operating Notes 14 14 ...
Page 592: ...12 Index ...
Page 593: ......