Class 1 laser product, L/a d/c d/c l/a d/c l/a – Allied Telesis AT-S63 User Manual

Page 818

background image

Chapter 35: Secure Shell (SSH)

818

Section VIII: Management Security

enhanced stacking feature. Management packets from your workstation
are first directed to the master switch before being forwarded to the slave
switch. The reverse is true as well. Management packets from a slave
switch first pass through the master switch before reaching your
management station.

Enhanced stacking uses a proprietary protocol different from Telnet and
SSH protocols. Consequently, there is no encryption between a master
switch and a slave switch. The result is that SSH encryption can only
occur between your workstation and the master switch, not between your
workstation and a slave switch.

This is illustrated in Figure 281. The figure shows an SSH management
station that is managing a slave switch of an enhanced stack. The packets
exchanged between the slave switch and the master switch are
transmitted in plaintext and those exchanged between the master switch
and the SSH management station are encrypted

Figure 281 SSH Remote Management of a Slave Switch

Because enhanced stacking does not allow for SSH encrypted
management sessions between a management station and a slave
switch, you configure SSH only on the master switch of a stack. Activating
SSH on a slave switch has no affect.

FAULT

RPS

MASTER

POWER

CLASS 1

LASER PRODUCT

STATUS

TERMINAL

PORT

1

3

5

7

9

11

2

4

6

8

10

12

13

15

17

19

21

23R

14

16

18

20

22

24R

AT-9424T/SP

Gigabit Ethernet Switch

1

3

5

7

9

11

13

15

17

19

21

23R

2

4

6

8

10

12

14

16

18

20

22

24R

23

24

L/A

D/C

D/C

L/A

D/C

L/A

1000 LINK / ACT

HDX / COL

FDX

10/100 LINK / ACT

PORT ACTIVITY

L/A

1000 LINK / ACT

SFP

SFP

24

SFP

23

FAULT

RPS

MASTER

POWER

GBIC

23

GBIC

24

CLASS 1

LASER PRODUCT

STATUS

TERMINAL

PORT

1

3

5

7

9

11

2

4

6

8

10

12

13

15

17

19

21

23R

14

16

18

20

22

24R

AT-9424T/GB

Gigabit Ethernet Switch

1

3

5

7

9

11

13

15

17

19

21

23R

2

4

6

8

10

12

14

16

18

20

22

24R

23

24

L/A

D/C

D/C

L/A

D/C

L/A

1000 LINK / ACT

HDX / COL

FDX

10/100 LINK / ACT

PORT ACTIVITY

L/A

1000 LINK / ACT

GBIC

Plaintext Management Packets
(Proprietary Enhanced Stacking Protocol)

Encrypted Management Packets
(SSH Protocol)

Slave Switch

Master Switch

SSH
Management
Workstation

See also other documents in the category Allied Telesis Computer hardware: