Establishing a connection using ssh (secure shell), Enabling and restricting ssh access, Running an ssh client – Nortel Networks NN46120-104 User Manual
Page 138
The Command Line Interface
telnet
You will then be prompted to enter a valid user name and password. For
more information about different user accounts and default passwords, see
“Accessing the NVG Cluster” (page 140).
Establishing a Connection Using SSH (Secure Shell)
When accessing the VPN Gateway from a workstation connected to the
network using a Telnet connection, it is important to keep in mind that
the communication channel is not secure. All data flowing back and forth
between the Telnet client and the VPN Gateway is sent unencrypted
(including the password), and there is no server host authentication.
By using an SSH client to establish a connection over the network, the
following benefits are achieved:
• Server host authentication
• Encryption of passwords for user authentication
• Encryption of all traffic that is transmitted over the network when
configuring or collecting information from the VPN Gateway
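Server host authentication only protects the session if the client compares the gateway's host key with a value obtained over a trusted path. The following added example (not from the Nortel manual) computes the OpenSSH-style SHA256 fingerprint of a host key line and checks it against a pinned fingerprint; the address 192.0.2.10, the key material and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

def constructed_blob(seed: bytes) -> bytes:
    """Build a fake key blob (constructed sample data, not a real gateway key).
    Key type chosen for brevity; the check is the same for any key type."""
    key_type = b"ssh-ed25519"
    pub = hashlib.sha256(seed).digest()  # 32 stand-in bytes
    return (struct.pack(">I", len(key_type)) + key_type +
            struct.pack(">I", len(pub)) + pub)

def host_key_line(host: str, blob: bytes) -> str:
    """Format a blob the way known_hosts stores it: host keytype base64."""
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"

def fingerprint(line: str) -> str:
    """Return the SHA256 fingerprint of a 'host keytype base64' line."""
    fields = line.split()
    if len(fields) < 3:
        raise ValueError("expected: host keytype base64-key")
    key_type, b64 = fields[1], fields[2]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed key type; it must match the
    # key type named in the text field, otherwise the line was altered.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints the digest as unpadded base64.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_is_authentic(line: str, pinned_fp: str) -> bool:
    """True only if the presented key matches the pinned fingerprint."""
    return hmac.compare_digest(fingerprint(line), pinned_fp)

if __name__ == "__main__":
    # Pinned value: recorded once over a trusted path (assumption).
    genuine = host_key_line("192.0.2.10", constructed_blob(b"gateway"))
    pinned = fingerprint(genuine)
    # A different key presented for the same address must be rejected.
    rogue = host_key_line("192.0.2.10", constructed_blob(b"impostor"))
    for name, line in (("genuine", genuine), ("rogue", rogue)):
        verdict = "accept" if host_is_authentic(line, pinned) else "REJECT"
        print(f"{name}: {fingerprint(line)} -> {verdict}")
```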
Enabling and Restricting SSH Access
SSH access to the VPN Gateway is disabled by default. However,
depending on the severity of your security policy, you may want to enable
SSH access. You may also restrict SSH access to one or more specific
machines.
For more information about how to enable SSH access, see the ssh
command in the "Administrative Applications Configuration" section
under Configuration Menu>System Configuration in the Command
Reference. For more information about how to restrict SSH access to one
or more specific machines, see the add command in the "System Access
Configuration" section in the same chapter.
Running an SSH Client
Connecting to the VPN Gateway using an SSH client is similar to
connecting through Telnet. As with Telnet, the IP parameters on the
VPN Gateway need to be configured in advance and SSH access
must be enabled. After providing a valid user name and password, the
command line interface in the VPN Gateway is accessible the same
way as when using a Telnet client. However, because a secured and
encrypted communication channel is set up even before the user name
and password are transmitted, all traffic sent over the network while
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks.