Establishing a Telnet connection

A Telnet connection offers the convenience of accessing the switch from any workstation connected to the network. Telnet provides the same options for user, operator, and administrator access as those available through the console port. By default, Telnet is enabled on the switch. The switch supports four concurrent Telnet connections.

Once the IP parameters are configured, you can access the CLI using a Telnet connection. To establish a Telnet connection with the switch, run the Telnet program on the workstation and enter the telnet command, followed by the switch IP address:

telnet <10GbE switch IP address>

You will then be prompted to enter a password. The password entered determines the access level: administrator, operator, or user. See the “Accessing the switch” section later in this chapter for description of default passwords.

Establishing an SSH connection

Although a remote network administrator can manage the configuration of a switch via Telnet, this method does not provide a secure connection. The Secure Shell (SSH) protocol enables you to securely log into the switch over the network.

As a secure alternative to using Telnet to manage switch configuration, SSH ensures that all data sent over the network is encrypted and secure. In order to use SSH, you must first configure it on the switch. See the “Secure Shell Server configuration” section in the “Configuration Menu” chapter for information on how to configure SSH.

The switch can perform only one session of key/cipher generation at a time. Therefore, an SSH/Secure Copy (SCP) client will not be able to log in if the switch is performing key generation at that time or if another client has just logged in before this client. Similarly, the system will fail to perform the key generation if an SSH/SCP client is logging in at that time.

The supported SSH encryption and authentication methods are listed below.

Server Host Authentication—Client RSA authenticates the switch in the beginning of every connection

Key Exchange—RSA

Encryption:

AES256-CBC

AES192-CBC

AES128-CBC

3DES-CBC

3DES

ARCFOUR

User Authentication—Local password authentication; Remote Authentication Dial-in User Service (RADIUS)

Command line interface 10

Page 9 Page 11
Page 10
Image 10
HP BMD00022 manual Establishing a Telnet connection, Establishing an SSH connection, 3DES, Telnet 10GbE switch IP address
Page 9 Page 11
Top Page Image Contents