Secure shell (ssh) for ipv6, Configuring ssh for ipv6, Configuring ssh for ipv6 -15 – HP 6200YL User Manual
Page 149
IPv6 Management Security Features
Secure Shell (SSH) for IPv6
Secure Shell (SSH) for IPv6
Beginning with software release K.14.01, SSH for IPv4 and IPv6 operate
simultaneously with the same command set. Both are enabled in the default
configuration, and are controlled together by the same command set.
Secure Shell (SSH) for IPv6 provides the same Telnet-like functions through
encrypted, authenticated transactions as SSH for IPv4. SSH for IPv6 provides
CLI (console) access and secure file transfer functionality. The following types
of transactions are supported:
■
Client public-key authentication
Public keys from SSH clients are stored on the switch. Access to the
switch is granted only to a client whose private key matches a stored
public key.
■
Password-only client authentication
The switch is SSH-enabled but is not configured with the login method
that authenticates a client’s public-key. Instead, after the switch authenti
cates itself to a client, users connected to the client authenticate them
selves to the switch by providing a valid password that matches the
operator- and/or manager-level password configured and stored locally on
the switch or on a RADIUS or TACACS+ server.
■
Secure Copy (SCP) and Secure FTP (SFTP) client applications
You can use either one SCP session or one SFTP session at a given time
to perform secure file transfers to and from the switch.
Configuring SSH for IPv6
By default, SSH is automatically enabled for IPv4 and IPv6 connections on a
switch. You can use the
ip ssh command options to reconfigure the default
SSH settings to configure the following settings used in SSH authentication
for IPv4 and IPv6 connections:
■
TCP port number
■
timeout period
■
file transfer
■
MAC type
■
cipher type
■
listening port(s)
6-15