DGS-3700-12/DGS-3700-12G Series Layer 2 Gigabit Ethernet Switch User Manual
168
SSH
SSH is an abbreviation of Secure Shell, which is a program allo win g s ecur e rem ote login and secure network services
over an insecure network. It allows a secure login to rem ote host computers, a safe method of executing com mands
on a remote end node, and will provide secure encrypted and authenticated com munication bet ween two non-tr usted
hosts. SSH, with its array of unmatched security features is an essential tool in today’s networ king en vironm ent. It is a
powerful guardian against numerous existing security hazards that no w threaten network communications.
The steps required to use the SSH protocol for secure communication between a remote PC (the S SH client ) and the
Switch (the SSH server) are as follows:
1. Create a user account with admin-level access using the User Accounts window i n the Configuration folder.
This is identical to creating any other admin-level User Account on the S witch, including specifying a
password. This password is used to logon to the Switch, once a secure communication path has been
established using the SSH protocol.
2. Configure the User Account to use a specified authorization method to ident ify users that are allowed to
establish SSH connections with the Switch using the SSH User Authentication Lists window. There are
three choices as to the method SSH will use to authorize the user, which are Host Based, Password and
Public Key.
3. Configure the encryption algorithm that SSH will use to encrypt and decr ypt m essages s ent bet ween the S SH
client and the SSH server, using the SSH Authmode and Algorithm Settings window.
4. Finally, enable SSH on the Switch using the SSH Settings window.
After completing the preceding steps, a SSH Client on a remote PC can be configure d to manage the Switch using a
secure, in band connection.

SSH Settings

The following window is used to configure and view settings for the SSH s erver.
To view this window, click Security > SSH > SSH Settings as sho wn below:
Figure 5 - 31 SSH Settings window
To configure the SSH server on the Switch, modify the following param eters and click Apply:
Parameter Description
SSH Server State Enable or disable SSH on the Switch. The default is Disabled.
Max Session (1-8) Enter a value between 1 and 8 to set the num ber of users that may simultaneously access the
Switch. The default setting is 8.
Connection
Timeout (120-600) Allows the user to set the connection timeout. The use may set a time between 120 and 600
seconds. The default setting is 120 seconds.
Authfail Attempts
(2-20) Allows the Administrator to set the maximum number of attempts that a user may try to log on
to the SSH Server utilizing the SSH authentication. After the maximum number of attempts
has been exceeded, the Switch will be disconnected and the user must reconnect to the
Switch to attempt another login. The number of maximum attempts may be set between 2 and
20. The default setting is 2.
Rekey Timeout Using the pull-down menu uses this field to set the time period that the Switch will chan ge the