4 configuring passwords, 5 configuring ssh, Configuring passwords -5 – Riverstone Networks WICT1-12 User Manual

Page 551: Configuring ssh -5

Advertising
background image

Riverstone Networks RS Switch Router User Guide Release 8.0 25-5

Security Configuration

Configuring RS Access Security

25.1.4

Configuring Passwords

The RS provides password authentication for accessing the User and Enable modes. If TACACS, TACACS+, or
RADIUS is not enabled on the RS, only local password authentication is performed.

To configure RS passwords, enter the following commands in Configure mode:

25.1.5

Configuring SSH

Secure shell (SSH) is a protocol that allows you to log in to a remote RS and execute commands on that router. SSH
provides more secure communications than using Telnet, as connections are authenticated and communications over
the network are encrypted.

The RS provides both an SSH server and client. Both server and client support SSH version 1. Only username and
password authentication (as configured with the CLI

system set password

command) is supported. If TACACS

or RADIUS authentication is enabled on the router, passwords are authenticated by the TACACS or RADIUS server.
Private and public keys on a per-user basis are not supported.

Establishing SSH Sessions

The SSH server on the RS must have a public key and a host key generated with the CLI

ssh server generate-key

command. The keys are generated using the Rivest-Shamir-Adleman (RSA) algorithm. For example, the following
command generates RSA keys on the router ‘r1’:

On the RS, you use the

slogin

command in Enable mode to access a remote RS SSH server. In addition to specifying

the hostname or host IP address of the RS, you can specify a username. The default username is

root

. You can

optionally specify a port number on the router; the default port number is 22. For example, the following command
allows you to log into the remote router ‘r1’ with the username ‘login’:

Set User mode password.

system set password login

VWULQJ!

Set Enable mode password.

system set password enable

VWULQJ!

r1# ssh server generate-key rsa

Your identification has been saved in /int-flash/cfg/ssh/ssh_host_key.

Your public key has been saved in /int-flash/cfg/ssh/ssh_host_key.pub.

r2# slogin login@r1

Advertising
Popular Brands
Popular manuals