beautypg.com

Telnet configuration settings, Secure shell (ssh) settings – Proxim ORiNOCO AP-700 User Manual

Page 57

background image

Performing Advanced Configuration

AP-700 User Guide

Management

57

Telnet Configuration Settings

Telnet Interface Bitmask: Select the interface (Ethernet, Wireless, All Interfaces) from which you can manage the AP via telnet. This
parameter can also be used to Disable telnet management.

Telnet Port Number: The default port number for Telnet applications is 23. However, you can use this field if you want to change the
Telnet port for security reasons (but your Telnet application also must support the new port number you select). You must reboot the
Access Point if you change the Telnet Port.

Telnet Login Idle Timeout (seconds): Enter the number of seconds the system will wait for a login attempt. The AP terminates the
session when it times out. The range is 1 to 300 seconds; the default is 30 seconds.

Telnet Session Idle Timeout (seconds): Enter the number of seconds the system will wait during a session while there is no activity. The
AP will terminate the session on timeout. The range is 1 to 36000 seconds; the default is 900 seconds.

Secure Shell (SSH) Settings

The AP supports SSH version 2, for secure remote CLI (Telnet) sessions. SSH provides strong authentication and encryption of session data.
The SSH server (AP) has host keys - a pair of asymmetric keys - a private key that resides on the AP and a public key that is distributed to
clients that need to connect to the AP. As the client has knowledge of the server host keys, the client can verify that it is communicating with
the correct SSH server. The client authentication is performed as follows:

Using a username/password pair if RADIUS Based Management is enabled; otherwise, using a password to authenticate the user over a
secure channel created using SSH.

SSH Session Setup

An SSH session is setup through the following process:

The SSH server public key is transferred to the client using out-of-band or in-band mechanisms.

The SSH client verifies the correctness of the server using the server’s public key.

The user/client authenticates to the server.

An encrypted data session starts. The maximum number of SSH sessions is limited to two. If there is no activity for a specified amount of
time (the Telnet Session Timeout parameter), the AP will timeout the connection.

SSH Clients

The following SSH clients have been verified to interoperate with the AP’s server. The following table lists the clients, version number, and the
website of the client.

For key generation, OpenSSH client has been verified.

Configuring SSH

Perform the following procedure to enable or disable SSH and set the SSH host key:
1. Click Configure > Management > Services.
2. To enable SSH, select Enable from the SSH (Secure Shell) Status drop-down menu.

NOTE

When Secure Management is enabled on the AP, SSH will be enabled by default and cannot be disabled.

3. Select the SSH Host Key Status from the drop-down menu.
Host keys must either be generated externally and uploaded to the AP (see

Uploading Externally Generated Host Keys

), generated manually,

or auto-generated at the time of SSH initialization if SSH is enabled and no host keys are present. There is no key present in an AP that is in
a factory default state.

Clients

Version

Website

OpenSSH

V3.4-2

http://www.openssh.com

Putty

Rel 0.53b

http://www.chiark.greenend.org.uk

Zoc

5.00

http://www.emtec.com

Axessh

V2.5

http://www.labf.com