Configuring Secure Shell (SSH)

Prerequisite for Using SSH

PEM (Privacy Enhanced Mode): Refers to an ASCII-formatted client public-key that has been encoded for portability and efficiency. SSHv2 client public-keys are typically stored in the PEM format. See figures 4-3 and 4-4 for examples of PEM-encoded ASCII and non-encoded ASCII keys.

Private Key: An internally generated key used in the authentication process. A private key generated by the switch is not accessible for viewing or copying. A private key generated by an SSH client application is typically stored in a file on the client device and, together with its public key counterpart, can be copied and stored on multiple devices.

Public Key: An internally generated counterpart to a private key. A device’s public key is used to authenticate the device to other devices.

Enable Level: Manager privileges on the switch.

Login Level: Operator privileges on the switch.

Local password or username: A Manager-level or Operator-level password configured in the switch.

SSH Enabled: (1) A public/private key pair has been generated on the switch (crypto key generate ssh [rsa]) and (2) SSH is enabled (ip ssh). (You can generate a key pair without enabling SSH, but you cannot enable SSH without first generating a key pair. See “2. Generating the Switch’s Public and Private Key Pair” on page 4-10 and “4. Enabling SSH on the Switch and Anticipating SSH Client Contact Behavior” on page 4-15.)

Prerequisite for Using SSH

Before using the switch as an SSH server, you must install a publicly or commercially available SSH client application on the computer(s) you use for management access to the switch. If you want client public-key authentication (page 4-2), then the client program must have the capability to generate or import keys.
