![](/images/backgrounds/285815/hp-4100gl-users-manual-549937100x1.png)
Configuring Secure Shell (SSH)
Configuring the Switch for SSH Operation
Note
Refer to “5. Configuring the Switch for SSH Authentication” on page
SSH Client Contact Behavior. At the first contact between the switch and an SSH client, if you have not copied the switch’s public key into the client, your client’s first connection to the switch will question the connection and, for security reasons, give you the option of accepting or refusing. As long as you are confident that an unauthorized device is not using the switch’s IP address in an attempt to gain access to your data or network, you can accept the connection. (As a more secure alternative, you can directly connect the client to the switch’s serial port and copy the switch’s public key into the client. See the following Note.)
When an SSH client connects to the switch for the first time, it is possible for
a
1. Generate a public/private key pair if you have not already done so. (Refer to “2. Generating the Switch’s Public and Private Key Pair” on page
2.Execute the ip ssh command.
To disable SSH on the switch, do either of the following:
■Execute no ip ssh.
■Zeroize the switch’s existing key pair. (page
Syntax: [no] ip ssh
Enables or disables SSH on the switch.
The size of the internal, automatically generated key the switch uses for negotiations with an SSH client. A larger key provides greater security; a smaller key results in faster authentication (default: 512 bits).