IP
Establishing Sessions
6-10
If the SCS port has been configured with a terminal type (such as VT100), this information will be sent to
the remote host during the session. To configure the terminal type, use the
Set/Define Ports TermType
command.
Figure 6-23:
Setting Terminal Type
Rlogin can be a security problem. When the SCS attempts an outgoing Rlogin connection, the SCS will send
the username specified when the user logs into the SCS. If a user is not authenticated during the SCS login
process, an unauthorized username may be used to Rlogin to remote hosts. The easiest way to avoid this
problem is to disable outgoing Rlogin connections.
Figure 6-24:
Disabling Outgoing Rlogin Connections
Another way to secure your network is to ensure that the SCS is not a trusted host on any UNIX hosts on
the network. This solution is not foolproof, however, as a user could still add the SCS to a UNIX host’s
.rhost file.
6.5.1.2 Incoming Telnet/Rlogin Connections
By default, the SCS will permit incoming Telnet and Rlogin connections. If this poses a security problem
on your network, these connections can be disabled, restricted with a password requirement, or restricted
using the IP security table.
To disable incoming Telnet/Rlogin connections, use the
Set/Define Server Incoming
command.
Figure 6-25:
Disabling Incoming Telnet/Rlogin Connections
To require the login password for incoming Telnet/Rlogin connections, use the Password parameter:
Figure 6-26:
Requiring the Login Password
To restrict incoming Telnet and Rlogin connections using the IP security table, see
IP Security
on page 6-
17. To restrict incoming connections to SSH, see Disabling HTTP and FTP, page 6-17.
6.5.2 SSH Sessions
SSH, or Secure Shell, is a secure transport protocol based on public-key cryptography. Unlike Telnet and
Rlogin connections, SSH connections are encrypted, and require both the server and the user to be
authenticated before a connection is allowed. The SCS currently supports SSH Protocol versions 1 and 2
with 3DES encryption
.
Compression is not supported.
To use SSH with the SCS, you must have SSH client software installed on the host that you are connecting
from. Incoming SSH sessions will obey applicable virtual port settings (port 0), which are discussed on page
8-22.
Local>> DEFINE PORT 2 TERMTYPE VT100
Local>> DEFINE SERVER RLOGIN DISABLED
Local>> DEFINE SERVER INCOMING NONE
Local>> DEFINE SERVER INCOMING PASSWORD
Summary of Contents for SCS
Page 14: ...xii ...
Page 171: ...Modem Sharing Examples 10 6 ...
Page 314: ...Command Reference Service Commands 12 110 ...
Page 403: ...Show 802 11 Errors Rightmost Number B 5 00000002 Internal error 00000001 Internal error ...
Page 424: ...Index 13 ...