Manuals / Nortel Networks / Computer Equipment / Switch

Nortel Networks 42C4911 Generating RSA Host and Server Keys for SSH Access, Cfg/sys/sshd/hkeygen

Models: 42C4911

1 260
Download 260 pages 54.2 Kb
Page 59
Image 59

Alteon OS Application Guide

Generating RSA Host and Server Keys for SSH Access

To support the SSH server feature, two sets of RSA keys (host and server keys) are required. The host key is 1024 bits and is used to identify the GbE Switch Module. The server key is 768 bits and is used to make it impossible to decipher a captured session by breaking into the GbE Switch Module at a later time.

When the SSH server is first enabled and applied, the switch automatically generates the RSA host and server keys and is stored in the FLASH memory.

NOTE To configure RSA host and server keys, first connect to the GbE Switch Module through the console port (commands are not available via external Telnet connection), and enter the following commands to generate them manually.

>>

#

/cfg/sys/sshd/hkeygen

(Generates the host key)

>>

#

/cfg/sys/sshd/skeygen

(Generates the server key)

These two commands take effect immediately without the need of an apply command.

When the switch reboots, it will retrieve the host and server keys from the FLASH memory. If these two keys are not available in the flash and if the SSH server feature is enabled, the switch automatically generates them during the system reboot. This process may take several minutes to complete.

The switch can also automatically regenerate the RSA server key. To set the interval of RSA server key autogeneration, use this command:

>># /cfg/sys/sshd/intrval <number of hours (0-24)>

A value of 0 (zero) denotes that RSA server key autogeneration is disabled. When greater than 0, the switch will autogenerate the RSA server key every specified interval; however, RSA server key generation is skipped if the switch is busy doing other key or cipher generation when the timer expires.

NOTE The switch will perform only one session of key/cipher generation at a time. Thus, an SSH/SCP client will not be able to log in if the switch is performing key generation at that time, or if another client has logged in immediately prior. Also, key generation will fail if an SSH/SCP client is logging in at that time.

42C4911, January 2007

Chapter 1: Accessing the Switch „ 59

Page 58 Page 60
Page 59
Image 59
Nortel Networks 42C4911 Generating RSA Host and Server Keys for SSH Access, Cfg/sys/sshd/hkeygen, Cfg/sys/sshd/skeygen
Page 58 Page 60

42C4911 specifications

Nortel Networks 42C4911 is a key hardware component designed to meet the needs of modern telecommunications infrastructure. As part of Nortel's extensive portfolio, the 42C4911 has made a significant impact on network design and operation, particularly in enterprises requiring reliable and efficient communication solutions.

One of the standout features of the 42C4911 is its modularity. This allows for flexible configurations and upgrades, enabling organizations to adapt to changing technology requirements and business demands. The design philosophy behind the 42C4911 emphasizes scalability, allowing users to start with a basic setup and expand it as their networking needs grow. This feature is particularly appealing to medium and large enterprises that anticipate increased data and communication requirements over time.

In terms of technology, the 42C4911 supports various telecommunications standards, making it versatile for multiple applications. It typically integrates with other Nortel equipment and can work with third-party devices, ensuring seamless interoperability across different platforms. This is critical as organizations look to create unified communications systems that can handle voice, data, and video traffic efficiently.

The 42C4911 is known for its robust performance and reliability. It is designed to operate continuously under demanding conditions, which is essential for organizations that rely on constant connectivity for their operations. Its built-in redundancy features help safeguard against potential failures, thus enhancing the overall stability of the network. This reliability is further complemented by Nortel's commitment to high-quality manufacturing standards, ensuring that users receive a durable and efficient product.

Security is another major consideration for any networking device, and the 42C4911 provides advanced security features to protect sensitive data. With increasing cybersecurity threats, organizations prioritize devices that offer strong encryption and access control mechanisms. The 42C4911 addresses these needs while facilitating secure communication channels for users, which is essential in today's increasingly interconnected world.

Overall, the Nortel Networks 42C4911 stands out as a versatile and powerful component in the telecommunications landscape. Its modular design, compatibility with diverse technologies, reliability, and emphasis on security make it an appealing choice for organizations looking to enhance their networks. As companies continue to navigate the complexities of communication, devices like the 42C4911 play a crucial role in ensuring that they remain connected and efficient.