Secure shell and secure copy, Secure shell and secure copy 107 – Nortel Networks WEB OS 212777 User Manual
Page 107
Web OS 10.0 Application Guide
Chapter 5: Secure Switch Management
n
107
212777-A, February 2002
Secure Shell and Secure Copy
Although a remote network administrator can manage the configuration of an Alteon Web
switch via Telnet, this method does not provide a secure connection. Using Secure Shell (SSH)
and Secure Copy (SCP), messages between a remote administrator and the switch use secure
tunnels so that the data on the network is encrypted and secured.
illus-
trates secure switch management.
N
OTE
–
SSH/SCP features are configured via the console port, using the CLI. However, SCP
putcfg
and TFTP
getcfg
can also change the SSH/SCP configuration.When SSH is
enabled, SCP is also enabled.
SSH is a protocol that enables a remote administrator to log securely into another computer
over a network to execute management commands. All the data sent over the network using
SSH is encrypted and secured. Using SSH gives administrators an alternate way to manage the
switch, one that provides strong security.
SCP is typically used to copy files securely from one machine to another. SCP uses SSH for
encryption of data on the network. On an Alteon Web switch, SCP is used to download and
upload the switch configuration via secure channels.
The benefits of using SSH and SCP are listed below:
n
Authentication of remote administrators
Identifying the administrator using Name/Password
n
Authorization of remote administrators
Determining the permitted actions and customizing service for individual administrators
n
Encryption of management messages
Encrypting messages between the remote administrator and switch
n
Secure copy support
N
OTE
–
The
Web OS
implementation of SSH is based on SSH version 1.5 and supports SSH-
1.5-1.x.xx. SSH clients of other versions (especially version 2) will not be supported. The fol-
lowing SSH clients have been tested:
n SSH 1.2.23 and SSH 1.2.27 for Linux (freeware)
n SecureCRT 3.0.2 and SecureCRT 3.0.3 for Windows NT (Van Dyke Technologies, Inc.)
n F-Secure SSH 1.1 for Windows (Data Fellows)