Configuring the Switch
3-76
3
Authenticating SSH v2 Clients
a. The client first queries the switch to determine if DSA public key
authentication using a preferred algorithm is acceptable.
b. If the specified algorithm is supported by the switch, it notifies the client to
proceed with the authentication process. Otherwise, it rejects the request.
c. The client sends a signature generated using the private key to the switch.
d. When the server receives this message, it checks whether the supplied key
is acceptable for authentication, and if so, it then checks whether the
signature is correct. If both checks succeed, the client is authenticated.
Note:
The SSH server supports up to four client sessions. The maximum number of
client sessions includes both current Telnet sessions and SSH sessions.
Configuring the SSH Server
The SSH server includes basic settings for authentication.
Field Attributes
•
SSH Server Status
– Allows you to enable/disable the SSH server on the switch.
(Default: Disabled)
•
Version
– The Secure Shell version number. Version 2.0 is displayed, but the
switch supports management access via either SSH Version 1.5 or 2.0 clients.
•
SSH Authentication Timeout
– Specifies the time interval in seconds that the
SSH server waits for a response from a client during an authentication attempt.
(Range: 1-120 seconds; Default: 120 seconds)
•
SSH Authentication Retries
– Specifies the number of authentication attempts
that a client is allowed before authentication fails and the client has to restart the
authentication process. (Range: 1-5 times; Default: 3)
•
SSH Server-Key Size
– Specifies the SSH server key size.
(Range: 512-896 bits; Default:768)
- The server key is a private key that is never shared outside the switch.
- The host key is shared with the SSH client, and is fixed at 1024 bits.
Summary of Contents for 6128PL2
Page 2: ......
Page 8: ...viii ...
Page 26: ...Contents xviii ...
Page 30: ...Tables xxii ...
Page 52: ...Initial Configuration 2 10 2 ...
Page 308: ...Configuring the Switch 3 256 3 ...
Page 473: ...SNMP Commands 4 165 4 ...
Page 644: ...Command Line Interface 4 336 4 ...
Page 648: ...Software Specifications A 4 A ...
Page 663: ......