Configuring the ECN330-switch
1371553-KDU 137 365 Uen D 2006-06-16
04830339254324101637997592371449011938006090253948408482717
81943722884025331159521348610229029789827213532671316294325
32818915045306393916643 steve@192.168.1.19
4. Set the Optional Parameters – On the SSH Settings page, configure the
optional parameters, including the authentication timeout, the number of
retries, and the server key size.
5. Enable SSH Service – On the SSH Settings page, enable the SSH server
on the ECN330-switch.
6. Challenge-Response Authentication – When an SSH client attempts to
contact the ECN330-switch, the SSH server uses the host key pair to
negotiate a session key and encryption method. Only clients that have a
private key corresponding to the public keys stored on the ECN330-switch
can access it. The following exchanges take place during this process:
A The client sends its public key to the ECN330-switch.
B The ECN330-switch compares the client's public key to those stored in
memory.
C If a match is found, the ECN330-switch uses the public key to encrypt a
random sequence of bytes, and sends this string to the client.
D The client uses its private key to decrypt the bytes, and sends the
decrypted bytes back to the ECN330-switch.
E The ECN330-switch compares the decrypted bytes to the original bytes
it sent. If the two sets match, this means that the client's private key
corresponds to an authorized public key, and the client is authenticated.
Note: To use SSH with only password authentication, the host public key
must still be given to the client, either during initial connection or manually
entered into the known host file. However, the client’s keys do not need to be
configured.
Note: The SSH server supports up to four client sessions. The maximum
number of client sessions includes both current Telnet sessions and SSH
sessions.
To Next Page
Loading...
