4-3
Configuring Secure Shell (SSH)
Overview
Note SSH in the HP Procurve Switch 2650 and 6108 is based on the OpenSSH
software toolkit. For more information on OpenSSH, visit
http://
www.openssh.com
.
Switch SSH and User Password Authentication . This option is a subset
of the client public-key authentication show in figure 4-1. It occurs if the switch
has SSH enabled but does not have login access (login rsa) configured to
authenticate the client’s key. As in figure 4-1, the switch authenticates itself
to SSH clients. Users on SSH clients then authenticate themselves to the
switch (login and/or enable levels) by providing passwords stored locally on
the switch or on a TACACS+ or RADIUS server. However, the client does not
use a key to authenticate itself to the switch.
Figure 4-2. Switch/User Authentication
SSH on the Switch 2650 and 6108 supports these data encryption methods:
3DES (168-bit)
DES (56-bit)
Note This release supports SSH version 1 only, and all references to SSH in this
document are to SSHv1 unless otherwise stated. SSH version 1 uses RSA
public key algorithms exclusively, and all references to either a public or
private key mean keys generated using these algorithms unless otherwise
noted.
HP
Switch
(SSH
Server)
SSH
Client
Work-
Station
1. Switch-to-Client SSH
2. User-to-Switch (login passwordand
enable password authentication)
options:
– Local
– TACACS+
– RADIUS
!FishSecurity.book Page 3 Thursday, October 10, 2002 9:19 PM
To Next Page
Loading...
