AT-S62 Command Line User’s Guide
537
Note
Before you enable SSH, disable the Telnet management session.
Otherwise, the security provided by SSH is not active. See DISABLE
TELNET on page 40.
Example
The following command activates the Secure Shell server and specifies
encryption key pair 0 as the host key and key pair 1 as the server key:
enable ssh server hostkey=0 serverkey=1
General Configuration Steps for SSH Operation
Configuring the SSH server involves several commands. The information
in this section lists the functions and commands you need to perform to
configure the SSH feature.
1. Create two encryption key pairs. One pair will function as the SSH host
key and another as the SSH server key. The keys must be of different
lengths of at least one increment (256 bits) apart. The recommended
size for the server key is 768 bits. The recommended size for the server
key is 1024 bits. To create a key pair, see to CREATE ENCO KEY on page
508.
2. Disable Telnet access to the switch with the DISABLE TELNET
command. See DISABLE TELNET on page 40.
Although the AT-S62 management software allows the SSH and
Telnet servers to be active on the switch simultaneously, allowing
Telnet to remain active negates the security of the SSH feature.
3. Configure and activate SSH on the switch using ENABLE SSH SERVER
on page 536.
4. Install SSH client software on your PC.
Follow the directions provided with the client software. You can
download SSH client software from the Internet. Two popular SSH
clients are PuTTY and CYGWIN.
5. Logon to the SSH server from the SSH client.
Acceptable users are those with a Manager or Operator login as
well as users configured with the RADIUS and TACACS+ protocols.
You can add, delete, and modify users with the RADIUS and
TACACS+ feature. For information about how to configure
RADIUS and TACACS+, see TACACS+ and RADIUS Commands on
page 542.