Secure management network, Secure shell (ssh), Trunk group configuration tips – Blade ICE BLADEOS BMD00178 User Manual

BLADEOS 6.3 Application Guide

BMD00178, April 2010

23

Secure Management Network

The following GbESM attributes are reserved to provide secure management access to and from the
IBM management module:

MGT1 (port 15) and MGT2 (port 16)

VLAN 4095

IP interface 128

Gateway 4

STG 128

For more information about remotely managing the GbESM through the external ports, see
“Accessing the Switch” in the BLADEOS 6.3 Application Guide.

Note –

The external uplink ports (EXTx) cannot be members of management VLANs.

Secure Shell (SSH)

Because SSH key generation is CPU intensive, the GbESM attempts to avoid unnecessary key
generation. The process generates three server keys:

1.

One key is generated to replace the current server key, if used.

2.

A second key is generated as a spare, in case the current server key is used and the specified interval
expires.

3.

A third key is generated for use at the next reboot.

Therefore, if you never login via SSH, you will only see two key generation events. You may see all
three events directly following a reboot. If you want to witness the key generation after the specified
interval has expired, then you must login via SSH at least once during each expiration interval.

Trunk Group Configuration Tips

Please be aware of the following information when you configure trunk groups:

Always configure trunk groups first on both ends, before you physically connect the links.

Configure all ports in a trunk group to the same speed (you cannot aggregate 1Gb ports with
10GBASE-SFP+ ports).