RackSwitch G8000 Application Guide

Secure Shell

Secure Shell (SSH) uses secure tunnels to encrypt and secure messages between a remote administrator and the switch. Telnet does not provide this level of security: managing a G8000 over Telnet does not provide a secure connection.

SSH is a protocol that enables remote administrators to log securely into the G8000 over a network to execute management commands.

The benefits of using SSH are listed below:

- Authentication of remote administrators
- Identifying the administrator using Name/Password
- Authorization of remote administrators
- Determining the permitted actions and customizing service for individual administrators
- Encryption of management messages
- Encrypting messages between the remote administrator and switch
- Secure copy support

The Blade OS implementation of SSH supports both versions 1.0 and 2.0 and supports SSH client versions 1.5 - 2.x.

Configuring SSH features on the switch

SSH is disabled by default. Before you can use SSH commands, turn on SSH with the following command:

RS G8000 (config)# ssh enable

SSH encryption of management messages

The following encryption and authentication methods are supported for SSH:

Server Host Authentication:  Client RSA authenticates the switch at the beginning of every connection
Key Exchange:                RSA
Encryption:                  3DES-CBC, DES
User Authentication:         Local password authentication
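The following is an added example, not part of the guide or of Blade OS: a small audit check that reads an SSH identification string and an SSH_MSG_KEXINIT payload and reports when protocol version 1 or the DES-family ciphers listed above are offered. The policy set, the SSH-2 cipher names used for it, the banner and the KEXINIT payload are assumptions constructed for the example, not values captured from a G8000.

```python
# Policy set for this example (assumption): SSH-2 cipher names to flag.
WEAK_CIPHERS = {"des-cbc", "3des-cbc"}

def protocol_versions(banner):
    """Protocol versions offered by an SSH identification string.
    RFC 4253 section 5.1: protoversion "1.99" means both 1.x and 2.0 are accepted."""
    if not banner.startswith("SSH-") or banner.count("-") < 2:
        raise ValueError("not an SSH identification string")
    proto = banner.split("-", 2)[1]
    if proto in ("2.0", "1.99"):
        return {1, 2} if proto == "1.99" else {2}
    if proto.startswith("1."):
        return {1}
    raise ValueError("unknown protoversion " + proto)

def kexinit_name_lists(payload):
    """Split an SSH_MSG_KEXINIT payload (RFC 4253 section 7.1) into its 10 name-lists."""
    if len(payload) < 17 or payload[0] != 20:
        raise ValueError("not a KEXINIT payload")
    pos, lists = 17, []  # skip message type (1 byte) and cookie (16 bytes)
    for _ in range(10):
        head = payload[pos:pos + 4]
        n = int.from_bytes(head, "big")
        raw = payload[pos + 4:pos + 4 + n]
        if len(head) < 4 or len(raw) < n:
            raise ValueError("truncated KEXINIT")
        lists.append(raw.decode("ascii").split(",") if raw else [])
        pos += 4 + n
    return lists

def audit(banner, payload):
    """Return findings for protocol 1 support and flagged ciphers in either direction."""
    findings = []
    if 1 in protocol_versions(banner):
        findings.append("SSH protocol 1 accepted")
    lists = kexinit_name_lists(payload)  # [2] = ciphers client->server, [3] = server->client
    for name in sorted(set(lists[2] + lists[3]) & WEAK_CIPHERS):
        findings.append("weak cipher offered: " + name)
    return findings

# Constructed sample input; trailing 5 bytes = first_kex_packet_follows + reserved.
SAMPLE_BANNER = "SSH-1.99-ExampleSwitch_1.0"
_names = ["diffie-hellman-group1-sha1", "ssh-rsa", "3des-cbc,des-cbc", "3des-cbc,des-cbc",
          "hmac-sha1", "hmac-sha1", "none", "none", "", ""]
SAMPLE_KEXINIT = (b"\x14" + bytes(16) + bytes(5).join([]) +
    b"".join(len(n).to_bytes(4, "big") + n.encode() for n in _names) + bytes(5))

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_BANNER, SAMPLE_KEXINIT)))
```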

Chapter 1: Accessing the Switch

BMD00041, November 2008
