EasyManua.ls Logo

HP ProCurve 6120G/XG User Manual

HP ProCurve 6120G/XG
606 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #272 background imageLoading...
Page #272 background image
Configuring Secure Shell (SSH)
Overview
Overview
Feature Default Menu CLI Web
Generating a public/private key pair on the switch No n/a page 7-10 n/a
Using the switch’s public key n/a n/a page 7-13 n/a
Enabling SSH Disabled n/a page 7-15 n/a
Enabling client public-key authentication Disabled n/a pages 7-21, n/a
7-24
Enabling user authentication Disabled n/a page 7-20 n/a
The switches covered in this guide use Secure Shell version 2 (SSHv2) to
provide remote access to management functions on the switches via
encrypted paths between the switch and management station clients capable
of SSH operation.
SSH provides Telnet-like functions but, unlike Telnet, SSH provides encrypted,
authenticated transactions. The authentication types include:
â–  Client public-key authentication
â–  Switch SSH and user password authentication
Client Public Key Authentication (Login/Operator Level) with User
Password Authentication (Enable/Manager Level). This option uses
one or more public keys (from clients) that must be stored on the switch. Only
a client with a private key that matches a stored public key can gain access
to the switch. (The same private key can be stored on one or more clients.)
1. Switch-to-Client SSH authentication.
SSH
ProCurve
Client
Switch
2.Client-to-Switch (login rsa) authentication
Work-
(SSH
Server)
3.User-to-Switch (enable password) authentication
options:
– Local
–TACACS+
Station
–RADIUS
–None
Figure 7-1. Client Public Key Authentication Model
7-2

Table of Contents

Other manuals for HP ProCurve 6120G/XG

Preview: Configuration Guide
Configuration Guide662 pages
Preview: Installation And Getting Started Guide
Installation And Getting Started Guide62 pages
Preview: Installation Instructions
Installation Instructions4 pages
Question and Answer IconNeed help?

Do you have a question about the HP ProCurve 6120G/XG and is the answer not in the manual?

HP ProCurve 6120G/XG Specifications

General IconGeneral
BrandHP
ModelProCurve 6120G/XG
CategorySwitch
LanguageEnglish

Summary

Security Overview

Access Security Features

Overview of the switch’s access security features, authentication protocols, and methods.

Network Security Features

Configuring Username and Password Security

Configuring Local Password Security

Describes how to configure local passwords for operator and manager access levels.

Front-Panel Security

Details front-panel security features for disabling button functions and managing password recovery.

Password Recovery

Web and MAC Authentication

Configuring Web Authentication

Describes how to configure the switch for Web authentication.

Configuring MAC Authentication on the Switch

Details how to configure MAC authentication on the switch.

TACACS+ Authentication

Configuring TACACS+ on the Switch

Guides the user through the process of configuring TACACS+ on the switch.

RADIUS Authentication, Authorization, and Accounting

General RADIUS Setup Procedure

Provides steps for preparing and testing the RADIUS service.

Configuring the Switch for RADIUS Authentication

Outlines the commands for configuring RADIUS authentication on the switch.

Configuring RADIUS Server Support for Switch Services

RADIUS Server Configuration for Per-Port CoS (802.1p Priority) and Rate-Limiting

Guidelines for configuring RADIUS to dynamically apply CoS and Rate-Limiting.

Configuring and Using RADIUS-Assigned Access Control Lists

Describes how to apply RADIUS-assigned ACLs on the switch.

Configuring Secure Shell (SSH)

Steps for Configuring and Using SSH for Switch and Client Authentication

Provides steps for configuring and using SSH for two-way authentication.

Configuring the Switch for SSH Operation

Details SSH-related CLI commands and their operations.

Configuring Secure Socket Layer (SSL)

Steps for Configuring and Using SSL for Switch and Client Authentication

Provides general steps for configuring and using SSL.

Configuring the Switch for SSL Operation

IPv4 Access Control Lists (ACLs)

ACL Operation

Planning an ACL Application

Configuring Advanced Threat Protection

DHCP Snooping

Protects the network from common DHCP attacks like address spoofing.

Dynamic ARP Protection

Protects the network from ARP cache poisoning attacks.

Dynamic IP Lockdown

Prevents IP source address spoofing on a per-port and per-VLAN basis.

Traffic/Security Filters and Monitors

Source-Port Filters

Named Source-Port Filters

Configuring Traffic/Security Filters

Provides procedures to specify filter types and actions on the switch.

Configuring Port-Based and User-Based Access Control (802.1X)

802.1X User-Based Access Control

802.1X Port-Based Access Control

General 802.1X Authenticator Operation

General Setup Procedure for 802.1X Access Control

Configuring Switch Ports as 802.1X Authenticators

Details how to configure ports to operate as 802.1X authenticators.

802.1X Open VLAN Mode

Configuring and Monitoring Port Security

Port Security

Explains basic operation, intruder protection, and eavesdrop prevention.

MAC Lockdown

MAC Lockout

Reading Intrusion Alerts and Resetting Alert Flags

Related product manuals