beautypg.com

Enabling 256-bit encryption for ssh, Exporting connection configurations – HP Integrity NonStop J-Series User Manual

Page 72

background image

Table 4 Telnet/FTP settings (continued)

Description

Setting

Enter the service name (such as TACL or OSH) or a static window
(such as #WIN05) to choose when logging in.

Service or window name: button

Choose On if Telserv is configured to show the Enter Choice>
prompt during login.

Enter Choice> prompt: combo box

Choose On if Telserv is configured to prompt for user name and
password during login.

Authentication: combo box

Choose TACL or OSH, whichever is started by the login service.
NSDEE cannot connect using a service that does not start a
TACL or OSH process.

Login shell*: combo

5.

After making changes, select OK to return to the Preferences dialog.

6.

Select OK to save your changes and dismiss the Preferences dialog.

For more information on Telserv settings, see the Telserv Manual.

Enabling 256-bit encryption for SSH

Due to import control restrictions, Java Cryptography Extension policy files for the Java Runtime
Environment do not enable 256-bit encryption by default. This means that, by default, if you connect
NSDEE to a NonStop SSH server that is configured for 256-bit encryption, NSDEE displays an
error dialog with the message:

Cannot log on: Algorithm negotiation with server failed.

See "Enabling 256-bit encryption for SSH" in user guide for
possible fix.

To verify if the SSH server is configured for 256-bit encryption, login to the NonStop system with
an SSH program. If, for example, the server is configured to use the aes256-cbc cipher suite, a
line similar to the following appears after a successful login:

STN46 Secure SSH session: xterm keyboard-interactive aes256-cbc hmac-md5

To enable Java (and NSDEE) to use 256-bit encryption, download "Unlimited Strength Java
Cryptography Extension (JCE) Policy Files" from the following site:

Java Platform Technology Downloads

From that site, select the link that matches your version of Java:

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 Java
Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 Java
Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0

Selecting the link downloads a zip file to your PC. The zip file contains a README.txt file that
explains how to install the policy files.

Exporting connection configurations

Connection configurations can be exported from one workspace for use in another workspace.
To export connection configurations, from the NonStop Development perspective:

1.

To open the Network Connections preference page (

Figure 20 (page 69)

), select NonStop

Tools

→Configure Connections....

2.

Select Export... to open the Export Connection Configurations wizard (

Figure 24 (page 73)

).

72

Tasks

This manual is related to the following products: