Security: SSH Client
SSH Server Authentication
383
Cisco Small Business 300 Series Managed Switch Administration Guide
19
When a private key is created on a device, it is also possible to create an
associated
passphrase
. This passphrase is used to encrypt the private key and to
import it into the remaining switches. In this way, all the switches can use the same
public/private key.
SSH Server Authentication
A device, as an SSH client, only communicates with a trusted SSH server. When
SSH server authentication is disabled (the default setting), any SSH server is
considered trusted. When SSH server authentication is enabled, the user must
add an entry for the trusted servers to the Trusted SSH Servers Table. This table
stores the following information per each SSH Trusted server for a maximum of 16
servers, and contains the following information:
•
Server IP address/host name
•
Server public key fingerprint
When SSH server authentication is enabled, the SSH client running on the device
authenticates the SSH server using the following authentication process:
•
The device calculates the fingerprint of the received SSH server’s public
key.
•
The device searches the SSH Trusted Servers table for the SSH server’s IP
address/host name. One of the following can occur:
-
If a match is found, both for the server’s IP address/host name and its
fingerprint, the server is authenticated.
-
If a matching IP address/host name is found, but there is no matching
fingerprint, the search continues. If no matching fingerprint is found, the
search is completed and authentication fails.
-
If no matching IP address/host name is found, the search is completed
and authentication fails.
•
If the entry for the SSH server is not found in the list of trusted servers, the
process fails.
Содержание Small Business 300
Страница 1: ...Cisco Small Business 300 Series Managed Switch Administration Guide Release 1 3 ADMINISTRATION GUIDE ...
Страница 17: ...Cisco Small Business 300 Series Managed Switch Administration Guide 16 Contents ...
Страница 28: ...Getting Started Window Navigation 11 Cisco Small Business 300 Series Managed Switch Administration Guide 1 ...
Страница 44: ...Status and Statistics Managing RMON 27 Cisco Small Business 300 Series Managed Switch Administration Guide 2 ...
Страница 192: ...Smartport Built in Smartport Macros 175 Cisco Small Business 300 Series Managed Switch Administration Guide 10 ...
Страница 200: ...Port Management PoE Configuring PoE Settings 183 Cisco Small Business 300 Series Managed Switch Administration Guide 11 ...
Страница 376: ...Security Dynamic ARP Inspection 359 Cisco Small Business 300 Series Managed Switch Administration Guide 17 ...
Страница 428: ...Access Control Defining ACL Binding 411 Cisco Small Business 300 Series Managed Switch Administration Guide 21 ...
Страница 462: ...Quality of Service Managing QoS Statistics 445 Cisco Small Business 300 Series Managed Switch Administration Guide 22 ...
Страница 482: ...SNMP SNMP Notification Filters 465 Cisco Small Business 300 Series Managed Switch Administration Guide 23 ...