Ssh configuration guidelines, Below are the guidelines to configuring ssh, Class 1 laser product – Allied Telesis AT-S63 User Manual
Page 822: L/a d/c d/c l/a d/c l/a

Chapter 35: Secure Shell (SSH)
822
Section VIII: Management Security
switch first pass through the master switch before reaching your 
management station.
Enhanced stacking uses a proprietary protocol different from Telnet and 
SSH protocols. Consequently, there is no encryption between a master 
switch and a slave switch. The result is that SSH encryption only occurs 
between your workstation and the master switch, not between your 
workstation and a slave switch.
This is illustrated in Figure 279. The figure shows an SSH management 
station that is managing a slave switch of an enhanced stack. The packets 
exchanged between the slave switch and the master switch are 
transmitted in plaintext and those exchanged between the master switch 
and the SSH management station are encrypted
Figure 279 SSH Remote Management of a Slave Switch
Because enhanced stacking does not allow for SSH encrypted 
management sessions between a management station and a slave 
switch, you configure SSH only on the master switch of a stack. Activating 
SSH on a slave switch has no affect.
SSH
Configuration
Guidelines
Below are the guidelines to configuring SSH:
SSH requires two encryption key pairs. One key pair functions as the 
host key and the other as the server key. For instructions on creating 
keys, refer to “Creating an Encryption Key” on page 771.
The two encryption key pairs must be of different lengths of at least 
one increment (256 bits) apart. The recommended bit size for a server 
key is 768 bits. The recommended size for the host key is 1024 bits.
FAULT
RPS
MASTER
POWER
CLASS 1
LASER PRODUCT
STATUS
TERMINAL
PORT
1
3
5
7
9
11
2
4
6
8
10
12
13
15
17
19
21
23R
14
16
18
20
22
24R
AT-9424T/SP
Gigabit Ethernet Switch
1
3
5
7
9
11
13
15
17
19
21
23R
2
4
6
8
10
12
14
16
18
20
22
24R
23
24
L/A
D/C
D/C
L/A
D/C
L/A
1000 LINK / ACT
HDX / COL
FDX
10/100 LINK / ACT
PORT ACTIVITY
L/A
1000 LINK / ACT
SFP
SFP
24
SFP
23
FAULT
RPS
MASTER
POWER
GBIC
23
GBIC
24
CLASS 1
LASER PRODUCT
STATUS
TERMINAL
PORT
1
3
5
7
9
11
2
4
6
8
10
12
13
15
17
19
21
23R
14
16
18
20
22
24R
AT-9424T/GB
Gigabit Ethernet Switch
1
3
5
7
9
11
13
15
17
19
21
23R
2
4
6
8
10
12
14
16
18
20
22
24R
23
24
L/A
D/C
D/C
L/A
D/C
L/A
1000 LINK / ACT
HDX / COL
FDX
10/100 LINK / ACT
PORT ACTIVITY
L/A
1000 LINK / ACT
GBIC
Plaintext Management Packets
(Proprietary Enhanced Stacking Protocol)
Encrypted Management Packets
(SSH Protocol)
Slave Switch
Master Switch
SSH 
Management
Workstation
