Supported features, Configuring ssh, Tested sshv2 clients – Brocade BigIron RX Series Configuration Guide User Manual

994

BigIron RX Series Configuration Guide

53-1002484-04

Configuring SSH

31

•

SCP/SFTP/SSH URI Format

If you are using redundant management modules, you can synchronize the DSA host key pair
between the active and standby modules by entering the sync-standby command at the Privileged
EXEC level of the CLI.

Tested SSHv2 clients

The following SSH clients have been tested with SSHv2:

•

SSH Secure Shell 3.2.3

•

Van Dyke SecureCRT 4.0 and 4.1

•

F-Secure SSH Client 5.3 and 6.0

•

PuTTY 0.54 and 0.56

•

OpenSSH 3.5_p1 and 3.6.1p2

•

Solaris Sun-SSH-1.0

Supported features

The SSH server allows secure remote access management functions on a device. SSH provides a
function that is similar to Telnet, but unlike Telnet, SSH provides a secure, encrypted connection.

SSHv2 support includes the following:

•

The following encryption cipher algorithm are supported. They are listed in order of preference:

•

aes256-cbc: AES in CBC mode with 256-bit key

•

aes192-cbc: AES in CBC mode with 192-bit key

•

aes128-cbc: AES in CBC mode with 128-bit key

•

3des-cbc: Triple-DES

•

Key exchange methods, in the order of preference are:

•

diffie-hellman-group1-sha1

•

diffie-hellman-group14-sha1

•

Public key algorithm is ssh-dss.

•

Data integrity is ensured with hmac-sha1 algorithm.

•

Supported authentication methods are Password and publickey.

•

Compression is not supported.

•

TCP/IP port forwarding, X11 forwarding, and secure file transfer are not supported.

•

SSH version 1 is not supported.

•

SCP supports AES encryption

Configuring SSH

Brocade’s implementation of SSH supports two kinds of user authentication: