Alteon OS Command Reference

Establishing an SSH Connection

Although a remote network administrator can manage the configuration of a GbE Switch Module via Telnet, this method does not provide a secure connection. The SSH (Secure Shell) protocol enables you to securely log into another computer over a network to execute commands remotely. As a secure alternative to using Telnet to manage switch configuration, SSH ensures that all data sent over the network is encrypted and secure.

The switch can do only one session of key/cipher generation at a time. Thus, a SSH/SCP client will not be able to login if the switch is doing key generation at that time or if another client has just logged in before this client. Similarly, the system will fail to do the key generation if a SSH/SCP client is logging in at that time.

The supported SSH encryption and authentication methods are listed below.

„Server Host Authentication: Client RSA-authenticates the switch in the beginning of every connection.

„Key Exchange: RSA

„Encryption: 3DES-CBC, DES

„User Authentication: Local password authentication, Radius

The following SSH clients have been tested:

„SSH 1.2.23 and SSH 1.2.27 for Linux (freeware)

„SecureCRT 3.0.2 and SecureCRT 3.0.3 (Van Dyke Technologies, Inc.)

„F-Secure SSH 1.1 for Windows (Data Fellows)

NOTE The Alteon OS implementation of SSH is based on SSH version 1.5 and supports SSH- 1.5-1.X.XX. SSH clients of other versions (especially Version 2) are not supported.

24 „ The Command Line Interface

BMD00007, November 2007

Page 24
Image 24
Nortel Networks BMD00007 manual Establishing an SSH Connection