Chapter 44 Service Control
The client automatically saves any new server public keys. In subsequent connections, the server public key is checked against the saved version on the client computer.
2Encryption Method
Once the identification is verified, both the client and server must agree on the type of encryption method to use.
3Authentication and Data Transmission
After the identification is verified and data encryption activated, a secure tunnel is established between the client and the server. The client then sends its authentication information (user name and password) to the server to log in to the server.
44.6.2 SSH Implementation on the ZyWALLYour ZyWALL supports SSH versions 1 and 2 using RSA authentication and four encryption methods (AES, 3DES, Archfour and Blowfish). The SSH server is implemented on the ZyWALL for management using port 22 (by default).
44.6.3 Requirements for Using SSHYou must install an SSH client program on a client computer (Windows or Linux operating system) that is used to connect to the ZyWALL over SSH.
44.6.4 Configuring SSHClick System > SSH to change your ZyWALL’s Secure Shell settings. Use this screen to specify from which zones SSH can be used to manage the ZyWALL. You can also specify from which IP addresses the access can come.
"It is recommended that you disable Telnet and FTP when you configure SSH for secure connections.
Figure 447 System > SSH
| 601 |
ZyWALL USG 1000 User’s Guide | |
|
|