Ssh and enhanced stacking, Ssh and enhanced stacking 3 – Allied Telesis AT-9000 Series User Manual

AT-9000 Switch Command Line User’s Guide

1303

SSH and Enhanced Stacking

The switch allows for encrypted SSH management sessions between a
management station and the master switch of an enhanced stack, but not
with member switches, as explained in this section.

When you remotely manage a member switch, all management
communications are conducted through the master switch using the
enhanced stacking feature. Management packets from your workstation
are first directed to the master switch before being forwarded to the
member switch. The reverse is true as well. Management packets from a
member switch first pass through the master switch before reaching your
management station.

Enhanced stacking uses a proprietary protocol different from Telnet and
SSH protocols. Consequently, there is no encryption between a master
switch and a member switch. The result is that SSH encryption only occurs
between your workstation and the master switch, not between your
workstation and a member switch.

This is illustrated in Figure 212. The figure shows an SSH management
station that is managing a member switch of an enhanced stack. The
packets exchanged between the member switch and the master switch
are transmitted in plaintext and those exchanged between the master
switch and the SSH management station are encrypted.

Figure 212. SSH Remote Management of a Member Switch

Plaintext Management Packets
(Proprietary Enhanced Stacking Protocol)

Encrypted Management Packets
(SSH Protocol)

Member Switch

Command Switch

SSH
Management
Workstation