Configuring Secure Shell (SSH)

Terminology

SSH Server: A ProCurve switch with SSH enabled.

Key Pair: A pair of keys generated by the switch or an SSH client application. Each pair includes a public key, which can be read by anyone, and a private key, which is held internally in the switch or by a client.

PEM (Privacy Enhanced Mode): Refers to an ASCII-formatted client public-key that has been encoded for portability and efficiency. SSHv2 client public-keys are typically stored in the PEM format. See figures 6-3 and 6-4 for examples of PEM-encoded ASCII and non-encoded ASCII keys.

Private Key: An internally generated key used in the authentication process. A private key generated by the switch is not accessible for viewing or copying. A private key generated by an SSH client application is typically stored in a file on the client device and, together with its public key counterpart, can be copied and stored on multiple devices.

Public Key: An internally generated counterpart to a private key. A device’s public key is used to authenticate the device to other devices.

Enable Level: Manager privileges on the switch.

Login Level: Operator privileges on the switch.

Local password or username: A Manager-level or Operator-level password configured in the switch.

SSH Enabled: (1) A public/private key pair has been generated on the switch (crypto key generate ssh [rsa]) and (2) SSH is enabled (ip ssh). (You can generate a key pair without enabling SSH, but you cannot enable SSH without first generating a key pair. See “2. Generate the Switch’s Public and Private Key Pair” on page 6-10 and “4. Enable SSH on the Switch and Anticipate SSH Client Contact Behavior” on page 6-15.)
