4-10
Configuring Secure Shell (SSH)
Configuring the Switch for SSH Operation
Figure 4-6. Example of Configuring Local Passwords
2. Generating the Switch’s Public and Private Key Pair
You must generate a public and private host key pair on the switch. The switch
uses this key pair, along with a dynamically generated session key pair to
negotiate an encryption method and session with an SSH client trying to
connect to the switch.
The host key pair is stored in the switch’s flash memory, and only the public
key in this pair is readable. The public key should be added to a "known hosts"
file (for example, $HOME/.ssh/known_hosts on UNIX systems) on the
SSH clients who you want to have access to the switch. Some SSH client
applications automatically add the the switch’s public key to a "known hosts"
file. Other SSH applications require you to manually create a known hosts file
and place the switch’s public key in the file. (Refer to the documentation for
your SSH client application.)
(The session key pair mentioned above is not visible on the switch. It is a
temporary, internally generated pair used for a particular switch/client ses-
sion, and then discarded.)
!FishSecurity.book Page 10 Thursday, October 10, 2002 9:19 PM
To Next Page
Loading...
Need help?
General
