beautypg.com

Asus GigaX2024SX User Manual

Page 67

background image

d. The client uses its private key to decrypt the bytes, and sends the

tch.

s to the original bytes it sent. If the

two sets match, this means that the client's private key corresponds to an

nt sessions includes both current Telnet sessions and SSH sessions.

e secure communications between

an SSH client and the switch. After generating this key pair, you must provide the

g is the

cryption method used by SSH is based

The last string is the encoded modulus.

to generate the host key pair (i.e., public

or DSA for key exchange when the client first

ory to flash memory. Otherwise, the host key pair is stored to RAM by

e that you must select this item prior to generating the host-key pair.

air. Note that you must

rver on the SSH

he

decrypted bytes back to the swi
e. The switch compares the decrypted byte

authorized public key, and the client is authenticated.
Notes: 1. To use SSH with only password authentication, the host public key
must still be given to the client, either during initial connection or manually entered
into the known host file. However, you do not need to configure the client’s keys.
2. The SSH server supports up to four client sessions. The maximum number
of clie

Generating the Host Key Pair
A host public/private key pair is used to provid

host public key to SSH clients and import the client’s public key to the switch as
described in the proceeding section (Command Usage).
Field Attributes
Public-Key of Host-Key – The public key for the host.
- RSA: The first field indicates the size of the host key (e.g., 1024), the second
field is the encoded public exponent (e.g., 65537), and the last strin
encoded modulus.
- DSA: The first field indicates that the en

S).

on the Digital Signature Standard (DS
Host-Key Type – The key type used
and private keys). (Range: RSA, DSA, Both: Default: RSA)
The SSH server uses RSA
establishes a connection with the switch, and then negotiates with the client to
select either DES (56-bit) or 3DES (168-bit) for data encryption.
Save Host-Key from Memory to Flash – Saves the host key from RAM (i.e.,
volatile mem

efault. Not

d
Generate – This button is used to generate the host key p
first generate the host key pair before you can enable the SSH se
Server Settings page.
Web – Click Security, SSH, Host-Key Settings. Select the host-key type from t
drop-down box, select the option to save the host key from memory to flash (if
required) prior to generating the key, and then click Generate.

3-42

See also other documents in the category Asus Communication: