ZyXEL Communications ZyWALL5UTM 4.0 27.7SSH Implementation on the ZyWALL, 2Encryption Method, 1Host Identification, 3Authentication and Data Transmission

ZyWALL 5/35/70 Series User’s Guide

Figure 217 How SSH Works

The SSH client sends a connection request to the SSH server. The server identifies itself with a host key. The client encrypts a randomly generated session key with the host key and server key and sends the result back to the server.

The client automatically saves any new server public keys. In subsequent connections, the server public key is checked against the saved version on the client computer.

Once the identification is verified, both the client and server must agree on the type of encryption method to use.

After the identification is verified and data encryption activated, a secure tunnel is established between the client and the server. The client then sends its authentication information (user name and password) to the server to log in to the server.

27.7SSH Implementation on the ZyWALL

Your ZyWALL supports SSH version 1.5 using RSA authentication and three encryption methods (DES, 3DES and Blowfish). The SSH server is implemented on the ZyWALL for remote SMT management and file transfer on port 22. Only one SSH connection is allowed at a time.