beautypg.com

LevelOne GTL-2691 User Manual

Page 344

background image

C

HAPTER

13

| Security Measures

Configuring the Secure Shell

– 344 –

To use the SSH server, complete these steps:

1.

Generate a Host Key Pair – On the SSH Host Key Settings page, create
a host public/private key pair.

2.

Provide Host Public Key to Clients – Many SSH client programs
automatically import the host public key during the initial connection

setup with the switch. Otherwise, you need to manually create a known

hosts file on the management station and place the host public key in

it. An entry for a public key in the known hosts file would appear similar

to the following example:

10.1.0.54 1024 35

15684995401867669259333946775054617325313674890836547254
15020245593199868544358361651999923329781766065830956
10825913212890233 76546801726272571413428762941301196195566782

59566410486957427888146206519417467729848654686157177393901647
79355942303577413098022737087794545240839717526463580581767167
09574804776117

3.

Import Client’s Public Key to the Switch – See

"Importing User Public

Keys" on page 349

, or use the

copy

tftp public-key

command

(

page 780

) to copy a file containing the public key for all the SSH

client’s granted management access to the switch. (Note that these

clients must be configured locally on the switch via the User Accounts

page as described on

page 325

.) The clients are subsequently

authenticated using these keys. The current firmware only accepts

public key files based on standard UNIX format as shown in the

following example for an RSA Version 1 key:

1024 35
13410816856098939210409449201554253476316419218729589211431738
80055536161631051775940838686311092912322268285192543746031009

37187721199696317813662774141689851320491172048303392543241016
37997592371449011938006090253948408482717819437228840253311595
2134861022902978982721353267131629432532818915045306393916643

[email protected]

4.

Set the Optional Parameters – On the SSH Settings page, configure the
optional parameters, including the authentication timeout, the number

of retries, and the server key size.

5.

Enable SSH Service – On the SSH Settings page, enable the SSH server
on the switch.

6.

Authentication – One of the following authentication methods is
employed:
Password Authentication (for SSH v1.5 or V2 Clients)

a.

The client sends its password to the server.

b.

The switch compares the client's password to those stored in
memory.

c.

If a match is found, the connection is allowed.

See also other documents in the category LevelOne Routers: