Secure shell, Configuring ssh features on the switch, Ssh encryption of management messages – Blade ICE G8000 User Manual

RackSwitch G8000 Application Guide

34

„

Chapter 1: Accessing the Switch

BMD00041, November 2008

Secure Shell

Secure Shell (SSH) use secure tunnels to encrypt and secure messages between a remote
administrator and the switch. Telnet does not provide this level of security. The Telnet method
of managing a G8000 does not provide a secure connection.

SSH is a protocol that enables remote administrators to log securely into the G8000 over a net-
work to execute management commands.

The benefits of using SSH are listed below:

„

Authentication of remote administrators

„

Identifying the administrator using Name/Password

„

Authorization of remote administrators

„

Determining the permitted actions and customizing service for individual administrators

„

Encryption of management messages

„

Encrypting messages between the remote administrator and switch

„

Secure copy support

The Blade OS implementation of SSH supports both versions 1.0 and 2.0 and supports
SSH client versions 1.5 - 2.x.

Configuring SSH features on the switch

Before you can use SSH commands, use the following commands to turn on SSH.
SSH is disabled by default.

Use the following command to enable SSH:

SSH encryption of management messages

The following encryption and authentication methods are supported for SSH:

Server Host Authentication:

Client RSA authenticates the switch at the beginning of
every connection

Key Exchange:

RSA

Encryption:

3DES-CBC, DES

User Authentication:

Local password authentication

RS G8000 (config)# ssh enable