MN700004 Rev 01
357
33. Secure Shell (SSH)
Introduction
SSH Secure Shell is the standard authentication protocol used for protecting data from
malicious intruders through the Internet, prevention of password stealing, etc. SSH Version 2
supports multiple public key algorithms, including DSA (Digital Signature Algorithm).
The BiNOS SSH (Secure Shell) server, using SSH Version 2, provides you with a more
secure connection to your Nokia ESB26. The BiNOS SSH server supplies user authentication
service by a password authentication method. The BiNOS SSH server does not support SFTP,
tunneling or any other method except for a remote secured login connection. The BiNOS SSH
server supports only one channel per connection.
Some Security Considerations
When you log into the SSH server for the first time, the SSH client usually issues a security
alert message such as:
Regard this as a warning that the security and secrecy of the data on your computer may be
jeopardized. If in a later login the same message appears (even though you have confirmed
your trust on the initial connection), then either you are exposed to a malicious intrusion, or
the server administrator has reconfigured the keys.
The keys are configured with the
ssh generate-key dsa
command described below. When
using an SSH client to log into a Nokia ESB26 device, avoid using a telnet client from that
device to another host. This precaution is required to prevent making the secure connection
vulnerable to anyone who may spy on both network connections.
To configure the user name and password, use the
username
command in Global
Configuration mode.