10: Security Settings
EDS-MD® Medical Device Server User Guide
72
SSH Settings
SSH is a network protocol for securely accessing a remote device over an encrypted channel. This
protocol manages the security of internet data transmission between two hosts over a network by
providing encryption, authentication, and message integrity services.
Configuration is required when the EDS-MD device is either (1) the SSH server or (2) an SSH
client.. The SSH server is used by the CLI (Command Mode) and for tunneling in Accept Mode.
The SSH client is for tunneling in Connect Mode.
To configure the EDS-MD device server as an SSH server, there are two requirements:
Defined Host Keys:
both private and public keys are required. These keys are used for the
Diffie-Hellman key exchange (used for the underlying encryption protocol).
Defined Users
: these users are permitted to connect to the EDS-MD device SSH server.
SSH Server Host Keys
The SSH Server Host Keys are used by all applications that play the role of an SSH Server.
Specifically Tunneling in Accept Mode. These keys can be created elsewhere and uploaded to the
device or automatically generated on the device.
If uploading existing keys, take care to ensure the Private Key will not be compromised in transit.
This implies the data is uploaded over some kind of secure private network.
Note:
Some SSH Clients require RSA Host Keys to be at least 1024 bits in size.
Table 10-1 SSH Server Host Keys
Note:
SSH Keys from other programs may be converted to the required EDS-MD 4/8/16
unit format. Use Open SSH to perform the conversion.
SSH Settings
Description
Private Key
Click
Choose File
to browse to and select the existing private key you want to
upload. In Web Manager, you can also browse to the private key to be uploaded. Be
sure the private key will not be compromised in transit. This implies the data is
uploaded over some kind of secure private network.
Public Key
Click
Choose File
to browse to and select the existing public key you want to upload.
In Web Manager, you can also browse to the public key to be uploaded.
Key Type
Select a key type to use for the new key:
RSA
DSA
Bit Size
Select a bit length for the new key:
512
768
1024
Submit (button)
Click the
Submit
button after setting the information for
Upload Keys
or
Create New
Keys
.