Security property, Opening a session – Avocent Network Device SPC420 User Manual

290 DSView 3 Software Installer/User Guide

Security Property

A fully functional SSH2 (Secure Shell Version 2) Client is built into the Telnet Viewer. The SSH2
Client is Java-based and provides a secure method for accessing target devices.

The Telnet Viewer provides the following security features:

•

Strict host key checking

•

Support ciphers for AES (128-, 192-, 256-bit), Blowfish, Twofish, Cast, 3DES and Arcfour

•

Diffie-Hellman key exchange support

•

SSH-RSA key types

•

Supported for hmac-md5, hmac-sha1, hmac-sha1-96, hmac-md5-96 and hmac-ripemd160

The DSView 3 software will determine whether to create a Telnet or SSH2 connection when you
start a session with an appliance. A serial connection provides SSH2 serial access to the target
device from the appliance. Terminal emulation options are supported using both types of
connections.

The SSH2 client is started when you initiate a session with an appliance port from the DSView 3
Explorer. The DSView 3 server is contacted, which in turn contacts the target device connected to
the appliance port and exchanges X.509 certificates with the target device. The target device also
supplies a session certificate, private key and appliance certificate.

These certificates are then passed back to the SSH2 client, which uses them to determine the SSH2
host key and the user SSH2 key. The Telnet Viewer will then establish a session with the target
device (or through the proxy server if there is a proxy server connection). The Telnet Viewer then
passes the RSA public key from the session certificate when establishing the SSH connection.
Finally, the virtual terminal window will open using an SSH2 shell over SSH connection.

SSH2 settings may be viewed by clicking on an appliance name in the DSView 3 Explorer and
selecting Appliance Settings - Sessions - Settings in the side navigation bar to display the Properties
- Sessions - Settings window.

Opening a Session

A DSView 3 management software Telnet Viewer session is opened using the DSView 3 Explorer
by clicking on Telnet Session or Serial Session in the Action column of the target device. If the
target device is attached to an appliance port, Telnet Session will appear. If the target device is
attached to an appliance that is also attached to a serial device, Serial Session will appear.

NOTE: If multiple connection methods are available, an alternate actions arrow will appear to the right of the
action. Clicking the alternate action arrow will display a list of other actions, in descending order of priority, which
may be selected to launch the corresponding window type.

To open a Telnet Viewer session:

In a Units View window containing target devices (see Accessing Units View windows on
page 106), click Telnet Session or Serial Session in the Action field or the Alternate Action menu.