beautypg.com

Ssh server, Ssh clients, Ssh server ssh clients – Allied Telesis AT-S62 User Manual

Page 739

background image

AT-S62 Management Software Menus Interface User’s Guide

Section VII: Management Security

739

ˆ

Tunnelling of TCP/IP traffic

Note

Non-encrypted Secure Shell sessions serve no purpose.

SSH Server

The AT-S62 management software includes SSH server software. When
the SSH server is activated, your remote management sessions of the
switch from a management station that has SSH client software will be
encrypted.

Note

If your switch is in a network protected by a firewall, you may need to
configure the firewall to permit SSH connections.

An SSH management session uses the same usernames and passwords
as the other types of switch management sessions. You can log in using
the default manager or operator login account, or as a user configured with
the RADIUS and TACACS+ protocols, as explained in Chapter 34,
“TACACS+ and RADIUS Authentication Protocols” on page 747.

The Secure Shell server requires two encryption key pairs. The first, called
the host key, is the switch’s own RSA key. The recommended length of
this key is 1024 bits. The second key, the server key, is used by the SSH
server software on the switch. If desired, you can configure the switch to
periodically re-generate this key. The two keys cannot be of the same
length. For the procedure for creating an encryption key, see “Creating an
Encryption Key” on page 695.

For information on how to create an encryption key, see “Creating an
Encryption Key” on page 695.

SSH Clients

The SSH protocol provides a secure connection between the switch and
SSH clients. Once you have configured the SSH server, you need to install
SSH client software on your management workstation. The AT-S62
software supports both SSH1 and SSH2 clients.

You can download client software from the Internet. Two popular SSH
clients are PuTTY and CYGWIN. To install SSH client software, follow the
directions from the vendor.

After you have installed the SSH client software on your workstation and
configured the server software on the switch, you can use the client
software to login to the switch for an encrypted SSH management session.
The SSH server can support up to one manager session and eight
operator sessions at one time.

See also other documents in the category Allied Telesis Computer hardware: