Chapter 6 Configuration
NSG Series User’s Guide
24
1
Host Identification
The SSH client sends a connection request to the SSH server. The server identifies itself with a host key. The
client encrypts a randomly generated session key with the host key and server key and sends the result
back to the server.
The client automatically saves any new server public keys. In subsequent connections, the server public
key is checked against the saved version on the client computer.
2
Encryption Method
Once the identification is verified, both the client and server must agree on the type of encryption
method to use.
3
Authentication and Data Transmission
After the identification is verified and data encryption activated, a secure tunnel is established between
the client and the server. The client then sends its authentication information (user name and password)
to the server to log in to the server.
6.3.2 SSH Implementation on the NSG
Your NSG supports SSH versions 1 and 2 using RSA authentication and four encryption methods (AES,
3DES, Archfour, and Blowfish). The SSH server is implemented on the NSG for management using port 22
(by default).
6.3.3 Requirements for Using SSH
You must install an SSH client program on a client computer (Windows or Linux operating system) that is
used to connect to the NSG over SSH.
6.3.4 Configuring SSH
Click
Configuration > SSH
to change your NSG’s Secure Shell settings. Use this screen to specify from
which IP address the access can come.
Figure 26
Configuration > SSH
