beautypg.com

Enabling 256-bit encryption for ssh, Exporting connection configurations – HP Integrity NonStop H-Series User Manual

Page 68

background image

Table 4 Telnet/FTP settings (continued)

Description

Setting

Enter the name of a service (such as TACL or OSH) or a static
window (such as #WIN05) NSDEE is to choose when logging
in.

Service or window name: button

Choose On if Telserv is configured to show the Enter Choice>
prompt during login.

Enter Choice> prompt: combo box

Choose On if Telserv is configured to prompt for user name and
password when you login.

Authentication: combo box

Choose TACL or OSH, whichever is started by the service you
use to login. NSDEE cannot connect using a service that doesn't
start a TACL or OSH process.

Login shell*: combo

5.

After making changes, select OK to return to the Preferences dialog.

6.

Select OK to save your changes and dismiss the Preferences dialog.

For more information on Telserv settings, see the Telserv Manual.

Enabling 256-bit encryption for SSH

Due to import control restrictions, Java Cryptography Extension policy files for the Java Runtime
Environment do not enable 256-bit encryption by default. This means that, by default, if you connect
NSDEE to a NonStop SSH server that is configured for 256-bit encryption, NSDEE will display an
error dialog with the message:

Cannot log on: Algorithm negotiation with server failed.

See "Enabling 256-bit encryption for SSH" in user guide for
possible fix.

One way to check if the SSH server is configured for 256-bit encryption is to login to the NonStop
system with an SSH program. If, for example, the server is configured to use the aes256-cbc cipher
suite, it will print a line similar to the following after a successful login:

STN46 Secure SSH session: xterm keyboard-interactive aes256-cbc hmac-md5

To enable Java (and NSDEE) to use 256-bit encryption, you need to download "Unlimited Strength
Java™ Cryptography Extension (JCE) Policy Files" from the following site:

http://www.oracle.com/technetwork/java/javasebusiness/downloads/
java-archive-downloads-java-plat-419418.html

From that site, select the link that matches your version of Java. Either:

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 Java
Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 Java
Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0

Selecting the link will download a zip file to your PC. The zip file contains a README.txt file
that explains how to install the policy files.

Exporting connection configurations

You can export connection configurations you've set up in one workspace for use in another
workspace. To export connection configurations, perform the following steps from the NonStop
Development perspective:

1.

Open the Network Connections preference page (

Figure 20 (page 65)

) by selecting NonStop

Tools > Configure Connections...

2.

Select the Export... button to open the Export Connection Configurations wizard
(

Figure 24 (page 69)

).

68

Tasks

This manual is related to the following products:
See also other documents in the category HP Computer hardware: