Telnet configuration settings, Secure shell (ssh) settings – Proxim ORiNOCO AP-700 User Manual
Page 57
Performing Advanced Configuration
AP-700 User Guide
Management
57
Telnet Configuration Settings
•
Telnet Interface Bitmask: Select the interface (Ethernet, Wireless, All Interfaces) from which you can manage the AP via telnet. This
parameter can also be used to Disable telnet management.
•
Telnet Port Number: The default port number for Telnet applications is 23. However, you can use this field if you want to change the
Telnet port for security reasons (but your Telnet application also must support the new port number you select). You must reboot the
Access Point if you change the Telnet Port.
•
Telnet Login Idle Timeout (seconds): Enter the number of seconds the system will wait for a login attempt. The AP terminates the
session when it times out. The range is 1 to 300 seconds; the default is 30 seconds.
•
Telnet Session Idle Timeout (seconds): Enter the number of seconds the system will wait during a session while there is no activity. The
AP will terminate the session on timeout. The range is 1 to 36000 seconds; the default is 900 seconds.
Secure Shell (SSH) Settings
The AP supports SSH version 2, for secure remote CLI (Telnet) sessions. SSH provides strong authentication and encryption of session data.
The SSH server (AP) has host keys - a pair of asymmetric keys - a private key that resides on the AP and a public key that is distributed to
clients that need to connect to the AP. As the client has knowledge of the server host keys, the client can verify that it is communicating with
the correct SSH server. The client authentication is performed as follows:
•
Using a username/password pair if RADIUS Based Management is enabled; otherwise, using a password to authenticate the user over a
secure channel created using SSH.
SSH Session Setup
An SSH session is setup through the following process:
•
The SSH server public key is transferred to the client using out-of-band or in-band mechanisms.
•
The SSH client verifies the correctness of the server using the server’s public key.
•
The user/client authenticates to the server.
•
An encrypted data session starts. The maximum number of SSH sessions is limited to two. If there is no activity for a specified amount of
time (the Telnet Session Timeout parameter), the AP will timeout the connection.
SSH Clients
The following SSH clients have been verified to interoperate with the AP’s server. The following table lists the clients, version number, and the
website of the client.
For key generation, OpenSSH client has been verified.
Configuring SSH
Perform the following procedure to enable or disable SSH and set the SSH host key:
1. Click Configure > Management > Services.
2. To enable SSH, select Enable from the SSH (Secure Shell) Status drop-down menu.
NOTE
When Secure Management is enabled on the AP, SSH will be enabled by default and cannot be disabled.
3. Select the SSH Host Key Status from the drop-down menu.
Host keys must either be generated externally and uploaded to the AP (see
Uploading Externally Generated Host Keys
), generated manually,
or auto-generated at the time of SSH initialization if SSH is enabled and no host keys are present. There is no key present in an AP that is in
a factory default state.
Clients
Version
Website
OpenSSH
V3.4-2
http://www.openssh.com
Putty
Rel 0.53b
http://www.chiark.greenend.org.uk
Zoc
5.00
http://www.emtec.com
Axessh
V2.5
http://www.labf.com