Overview, Ssh server guidelines – Allied Telesis AT-S97 User Manual

Page 210

background image

Chapter 13: Secure Shell Server (SSH) Commands

210

Overview

The AT-S97 Management Software has a Secure Shell (SSH) application
protocol server for remote management of the chassis with an SSH client.
Compared to remote Telnet management, this form of management is
more secure because it uses encryption during the management
sessions. During a remote Telnet management session, the payloads in
the packets exchanged between the management workstation and the
management module are sent in clear text, including the login user name
and password. This can leave the management module open to
unauthorized access if someone captures the management packets
during a remote Telnet management session. But with SSH, the payloads
in the packets are encrypted.

The SSH server uses protocol port 22. You cannot change this value.

The server supports SSH protocols 1 and 2. Supported Protocol 1 ciphers
include:

ˆ

Blowfish

ˆ

Triple Data Encryption Standard (3DES)

Supported Protocol 2 ciphers include:

ˆ

Blowfish

ˆ

Triple Data Encryption Standard (3DES)

ˆ

ARCFOUR

ˆ

128, 192, and 256-bit Advanced Encryption Standard (AES)

The two commands SSH ENABLE and SSH DISABLE enable and disable
the SSH server in the management software. The default setting for the
SSH server on the management module is disabled.

To start a remote SSH management session with the management
module, enter the IP address of the management module in the SSH client
at your remote management workstation. For further instructions, refer to
“Starting a Remote Telnet or Secure Shell Management Session” on
page 22.

SSH Server

Guidelines

Follow these guidelines when managing the chassis remotely with an SSH
client:

ˆ

The 10/100/1000Base-T Management port on the management
module must be connected to a network device, such as a Fast
Ethernet or Gigabit Ethernet switch. Remote SSH management
sessions are conducted through this port.

This manual is related to the following products: