Guidelines, General steps to configuring ssh, Guidelines general steps to configuring ssh – Allied Telesis AT-S62 User Manual

AT-S62 Management Software Menus Interface User’s Guide

Section VII: Management Security

741

Guidelines

Below are the guidelines to observe when configuring SSH:

ˆ

SSH requires two encryption key pairs. One key pair will function as
the host key and the other the server key. For instructions on creating
keys, refer to “Creating an Encryption Key” on page 695.

ˆ

The two encryption key pairs must be of different lengths of at least
one increment (256 bits) apart. The recommended bit size for a server
key is 768 bits. The recommended size for the host key is 1024 bits.

ˆ

You activate and configure SSH on the master switch of an enhanced
stack, not on slave switches.

ˆ

The AT-S62 software uses well-known port 22 as the SSH default port.

General Steps to

Configuring SSH

Configuring the SSH server involves several procedures. This section lists
the procedures you need to complete to configure the SSH feature.

1. Create two encryption key pairs on the master switch of the enhanced

switch. One pair will function as the host key and the other the server
key.

2. Configure and activate the Secure Shell server on the switch by

specifying the two encryption keys in the server software.

For instructions, see “Configuring the SSH Server” on page 742.

3. Install SSH client software on your management workstation.

Follow the directions provided with the client software. You can
download SSH client software from the Internet. Two popular SSH
clients are PuTTY and CYGWIN.

4. Disable the Telnet server.

Although the switch allows the SSH and Telnet servers to be
enabled simultaneously, allowing Telnet to be enabled negates the
security of the SSH feature. To disable the Telnet server, see
“Enabling or Disabling the Telnet Server” on page 67.

5. Logon to the switch from your SSH management workstation.