Black Box LES1416A, LES1332A, LES1408A, LES144BA, LES1348A SSH tunneled serial bridging, Client Keys

If the host key has been legitimately changed, it can be removed from the ~/.ssh/known_hosts file and the new fingerprint added. If it has not changed, this indicates a serious problem that should be investigated immediately.

15.6.7 SSH tunneled serial bridging

You have the option to apply SSH tunneling when two Black Box console servers are configured for serial bridging.

As detailed in Chapter 4, the Server console server is setup in Console server mode with either RAW or RFC2217 enabled and the Client console server is set up in Serial Bridging Mode with the Server Address, and Server TCP Port (4000 + port for RAW or 5000 + port # for RFC2217) specified:

Select SSH Tunnel when configuring the Serial Bridging Setting.

Next, you will need to set up SSH keys for each end of the tunnel and upload these keys to the Server and Client console servers.

Client Keys:

The first step in setting up ssh tunnels is to generate keys. Ideally, you will use a separate, secure, machine to generate and store all keys to be used on the console servers. If this is not ideal for your situation, keys may be generated on the console servers themselves.

It is possible to generate only one set of keys, and reuse them for every SSH session. While we do not recommend this, each organization will need to balance the security of separate keys against the additional administration they bring.

Generated keys may be one of two types—RSA or DSA (and it is beyond the scope of this document to recommend one over the other). RSA keys will go into the files id_rsa and id_rsa.pub. DSA keys will be stored in the files id_dsa and id_dsa.pub.

_____________________________________________________________________