Secure shell management, Web browser management, Secure shell management web browser management – Allied Telesis 8100S Series User Manual
Page 100
Chapter 5: Powering On the Switch
100
Telnet management sessions are not secure and are vulnerable to
snooping because the packets exchanged between the switch and your
workstation are sent in plain text. The security of the switch may be
jeopardized if an intruder captures the packet containing your userrname
and password. For secure remote management, use the secure shell
protocol.
Secure Shell
Management
Secure shell management is similar to Telnet management in that you
may use it, together with the Command Line Interface, to manage all of
the features and functions of the switch, from a workstation on your
network. The difference is that this management method encrypts the
packets exchanged by your computer and the switch to protect your
management sessions.
Here are the requirements for SSH management:
Your management workstation must have an SSH client.
The SSH server on the switch has to be activated. The server’s
default setting is disabled.
You have to create an encryption key on the switch.
The switch must have an IP address. You may use the factory
169.254.1.1 address assigned to the Default VLAN.
You need to assign your management workstation an IP address
in the 169.254.n.n subnet or your workstation must have access to
that subnet through routing devices.
For instructions on how to configure the switch for SSH management,
refer to the AT-8100 Series AlliedWare Plus Command Line Interface
User’s Guide.
Web Browser
Management
Yet another way to remotely manage the switch is with a web browser. A
special web browser interface, featuring both non-secure (HTTP) and
secure (HTTPS) operation, lets you monitor and configure many of the
switch’s features from a series of windows. The interface, however, may
only be used to configure a subset of the features. To configure those
features the web browser interface does not support, you have to use the
command line interface from another management method.
Here are the requirements for non-secure HTTP web browser
management:
Your management workstation must have a web browser.
The web browser server on the switch has to be activated. This is
the default setting in the default BOOT.CFG and QSTART.CFG
files.
The switch must have an IP address. You may use the factory
169.254.1.1 address assigned to the Default VLAN.