Guidelines, General steps to configuring ssh, Guidelines general steps to configuring ssh – Allied Telesis AT-S62 User Manual

AT-S62 User’s Guide

Section VII: Management Security

547

Guidelines

Below are the guidelines to observe when configuring SSH:

❑ SSH requires two encryption key pairs. One key pair will function

as the host key and the other the server key. For instructions on
creating keys, refer to Creating an Encryption Key on page 500.

❑ The two encryption key pairs must be of different lengths of at

least one increment (256 bits) apart. The recommended bit size
for a server key is 768 bits. The recommended size for the host key
is 1024 bits.

❑ You activate and configure SSH on the master switch of an

enhanced stack, not on slave switches.

❑ The AT-S62 software uses well-known port 22 as the SSH default

port.

General Steps to

Configuring

SSH

Configuring the SSH server involves several procedures. This section lists
the procedures you need to complete to configure the SSH feature.

1. Create two encryption key pairs on the master switch of the

enhanced switch. One pair will function as the host key and the other
the server key.

2. Configure and activate the Secure Shell server on the switch by

specifying the two encryption keys in the server software.

For instructions, see Configuring the SSH Server on page 548.

3. Install SSH client software on your management workstation.

Follow the directions provided with the client software. You can
download SSH client software from the Internet. Two popular SSH
clients are PuTTY and CYGWIN.

4. Disable the Telnet server.

Although the switch allows the SSH and Telnet servers to be
enabled simultaneously, allowing Telnet to be enabled negates
the security of the SSH feature. To disable the Telnet server, see
Enabling or Disabling the Telnet Server on page 73.

5. Logon to the switch from your SSH management workstation.