Encryption, Secure shell (ssh) and secure copy (scp), Secure shell (ssh) and secure copy – APC Battery Management System User Manual

®

USER’S GUIDE

Battery Management System

115

Encryption

Secure SHell (SSH) and Secure CoPy (SCP)

The Secure SHell (SSH) protocol provides a secure mechanism to access
computer consoles or shells remotely. The protocol authenticates the server
(in this case, the Battery Management System) and encrypts all
transmissions between the SSH client and the server.

• SSH is an alternative to Telnet, which does not provide encryption.
• SSH protects the username and password, the credentials for

authentication, from being used by anyone intercepting network traffic.

• To authenticate the SSH server (the Battery Management System) to

the SSH client, SSH uses a host key that is unique to the SSH server
and that provides an identification that cannot be falsified. Therefore,
an invalid server on the network cannot obtain a user name and
password from a user by presenting itself as a valid server.

• The Battery Management System supports versions 1 and 2 of SSH.

The encryption mechanisms of the versions differ, and each version
has advantages. Version 1 provides faster login to the Management
Card, and version 2 provides improved protection from attempts to
intercept, forge, or change data that are transmitted.

• When you enable SSH, Telnet is automatically disabled.
• The interface, user accounts, and user access rights are the same

whether you access the control console through SSH or Telnet.

To create a host key, see

Create an SSH Host Key

.

For information on supported SSH client applications, see

Telnet/SSH

.