Ssh and enhanced stacking – Allied Telesis AT-S63 User Manual

Chapter 28: Secure Shell (SSH)

610

Section IV: Security

You can download client software from the Internet. Two popular SSH
clients are PuTTY and CYGWIN. To install SSH client software, follow the
directions from the vendor.

After you have configured the SSH client software, you can use the client
software to log in to the SSH server as a manager, operator, or as
RADIUS/TACACS+ users. The SSH server supports multiple client
connections. The maximum number of SSH clients allowed is 10 users
with one manager login.

SSH and

Enhanced

Stacking

The AT-S63 management software allows for encrypted SSH
management sessions between a management station and a master
switch of an enhanced stack, but not with slave switches, as explained in
this section.

When you remotely manage a slave switch, all management
communications are conducted through the master switch using the
enhanced stacking feature. Management packets from your workstation
are first directed to the master switch before being forwarded to the
slave switch. The reverse is true as well. Management packets from a
slave switch first pass through the master switch before reaching your
management station.

Enhanced stacking uses a proprietary protocol different from Telnet and
SSH protocols. Consequently, there is no encryption between a master
switch and a slave switch. The result is that SSH encryption can only
occur between your workstation and the master switch, not between
your workstation and a slave switch.

This is illustrated in Figure 191. The figure shows an SSH management
station that is managing a slave switch of an enhanced stack. The
packets exchanged between the slave switch and the master switch are
transmitted in plaintext and those exchanged between the master
switch and the SSH management station are encrypted