Enabling 256-bit encryption for ssh, Exporting connection configurations – HP Integrity NonStop H-Series User Manual
Page 68
Table 4 Telnet/FTP settings (continued)
Description
Setting
Enter the name of a service (such as TACL or OSH) or a static
window (such as #WIN05) NSDEE is to choose when logging
in.
Service or window name: button
Choose On if Telserv is configured to show the Enter Choice>
prompt during login.
Enter Choice> prompt: combo box
Choose On if Telserv is configured to prompt for user name and
password when you login.
Authentication: combo box
Choose TACL or OSH, whichever is started by the service you
use to login. NSDEE cannot connect using a service that doesn't
start a TACL or OSH process.
Login shell*: combo
5.
After making changes, select OK to return to the Preferences dialog.
6.
Select OK to save your changes and dismiss the Preferences dialog.
For more information on Telserv settings, see the Telserv Manual.
Enabling 256-bit encryption for SSH
Due to import control restrictions, Java Cryptography Extension policy files for the Java Runtime
Environment do not enable 256-bit encryption by default. This means that, by default, if you connect
NSDEE to a NonStop SSH server that is configured for 256-bit encryption, NSDEE will display an
error dialog with the message:
Cannot log on: Algorithm negotiation with server failed.
See "Enabling 256-bit encryption for SSH" in user guide for
possible fix.
One way to check if the SSH server is configured for 256-bit encryption is to login to the NonStop
system with an SSH program. If, for example, the server is configured to use the aes256-cbc cipher
suite, it will print a line similar to the following after a successful login:
STN46 Secure SSH session: xterm keyboard-interactive aes256-cbc hmac-md5
To enable Java (and NSDEE) to use 256-bit encryption, you need to download "Unlimited Strength
Java™ Cryptography Extension (JCE) Policy Files" from the following site:
From that site, select the link that matches your version of Java. Either:
•
Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 Java
Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6
•
Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 Java
Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0
Selecting the link will download a zip file to your PC. The zip file contains a README.txt file
that explains how to install the policy files.
Exporting connection configurations
You can export connection configurations you've set up in one workspace for use in another
workspace. To export connection configurations, perform the following steps from the NonStop
Development perspective:
1.
Open the Network Connections preference page (
) by selecting NonStop
Tools > Configure Connections...
2.
Select the Export... button to open the Export Connection Configurations wizard
(
).
68
Tasks