Configuring the ECN330-switch
1351553-KDU 137 365 Uen D 2006-06-16
When a unique certificate and a private key and password have been obtained,
place them on the TFTP server, and use the copy tftp https-
certificate command at the ECN330-switch's command-line interface to
replace the default (unrecognized) certificate with an authorized one:
Note: The ECN330-switch must be reset for the new certificate to be
activated. To reset the ECN330-switch, type “reload” at the command prompt:
Console#reload
6.5.4 Configuring the Secure Shell
The Berkley-standard includes remote access tools originally designed for Unix
systems. Some of these tools have also been implemented for Microsoft
Windows and other environments. These tools, including commands such as
rlogin (remote login), rsh (remote shell), and rcp (remote copy), are not secure
from hostile attacks.
The Secure Shell (SSH) includes server/client applications intended as a secure
replacement for the older Berkley remote access tools. SSH can also provide
remote management access to the ECN330-switch as a secure replacement for
Telnet. When the client contacts the ECN330-switch through the SSH protocol,
the ECN330-switch generates a public-key that the client uses along with a local
user name and password for access authentication. SSH also encrypts all data
transfers passing between the ECN330-switch and SSH-enabled management
station clients, and ensures that data traveling over the network arrives
unaltered.
Note that an SSH client needs to be installed on the management station to
access the ECN330-switch for management using the SSH protocol.
Note: The ECN330-switch supports both SSH Version 1.5 and 2.0 clients.
Console#copy tftp https-certificate
TFTP server ip address: <server ip-address>
Source certificate file name: <certificate file name>
Source private file name: <private key file name>
Private password: <password for private key>
To Next Page
Loading...
