4. Advanced Operations
SSH
Secure Shell (SSH) version 2 enables secure network terminal sessions between a AmpMeter PDU Remote
Power Manager and a remote user over insecure network. SSH provides an encrypted terminal sessions with
strong authentication of both the server and client, using public-key cryptography and is typically used as a
replacement for unencrypted Telnet. In addition to enabling secure network terminal sessions to the AmpMeter
PDU for configuration and power management, the SSH session may be used for secure Pass through
connections to attached devices.
SSH requires the configuration and use of a client agent on the client PC. There are many freeware, shareware
or for-purchase SSH clients available. Two examples are the freeware client PuTTY and the for-purchase client
SecureCRT ® by VanDyke® Software. For configuration and use of these clients, please refer to the applicable
software documentation.
SSH Command Summary
Command Description
Set SSH Enables/disables SSH support
Set SSH port Sets the SSH server port number
Enabling and Setting up SSH Support
NOTE: A restart of the AmpMeter PDU is required after setting or changing ANY SSH configurations. See
Performing a warm boot on page 28 for more information.
Enabling or disabling SSH support
The Set SSH command is used to enable or disable SSH support.
To enable or disable SSH support:
At the AmpMeter PDU: prompt, type set ssh, followed by enabled or disabled and press Enter.
Changing the SSH server port
With SSH support enabled, the SSH server watches and responds to requests on the default SSH port number
22. This port number may be changed using the Set SSH Port command.
To change the SSH port:
At the AmpMeter PDU: prompt, type set ssh port, followed by the port number and press Enter.
Example
The following changes the SSH port number to 65535:
AmpMeter PDU: set ssh port 65535<Enter>
SSH Technical Specifications
Secure Shell (SSH) version 2
Asymmetric Cryptography:
Diffie-Hellman DSA/DSS 512-1024 (random) bits per NIST specification
Symmetric Cryptography:
AES256-CBC RIJNDAEL256-CBC 3DES-192-CBC
AES192-CBC RIJNDAEL192-CBC BLOWFISH-128-CBC
AES128-CBC RIJNDAEL128-CBC ARCFOUR-128
Message Integrity:
HMAC-SHA1-160 HMAC-SHA1-96
HMAC-MD5-128 HMAC-MD5-96
Authentication:
Username/Password
Session Channel Break Extension (for RS232 Break)
301-0399-3 Rev A. - Page 35