
Ssh overview, Support for ssh – Allied Telesis AT-S60 User Manual


Chapter 23: Secure Shell (SSH)

Section III: Security Features


SSH Overview

This chapter describes the Secure Shell (SSH) protocol, including:

❑ Support for Secure Shell on the switch

❑ How to configure the switch to act as an SSH server

❑ How to use Secure Shell to manage the switch.

To implement SSH on your switch, you need to configure the switch as
an SSH server, install an SSH client on a management PC, and log in to the
client.

Secure management is increasingly important in modern networks,
because network managers need both to manage switches easily and
effectively and to keep that management secure. Traditionally,
switches are managed using either remote terminal sessions via the
Telnet protocol or SNMP. Both of these methods have serious security
problems: they are protected only by cleartext reusable passwords,
which are vulnerable to wiretapping and password guessing.

The Secure Shell (SSH) protocol provides encrypted and strongly
authenticated remote login sessions, similar to the Telnet and rlogin
protocols, between a host running a Secure Shell server and a machine
with a Secure Shell client.

The AT-8400 switch implements a Secure Shell server so that network
managers can securely manage the switches over an insecure network.
Secure Shell sessions are cryptographically authenticated and
encrypted, and Secure Shell replaces Telnet for remote terminal
sessions.

Support for SSH

The AT-8400 switch implementation of the SSH protocol is compliant
with the SSH protocol versions 1.3, 1.5, and 2.0.

In addition, the following SSH options and features are supported:

❑ Inbound SSH connections (server mode) are supported.

❑ The following security algorithms are supported:

— 128-bit Advanced Encryption Standard (AES), 192-bit AES, and 256-bit AES

— Arcfour (RC4) security algorithm is supported.

— Triple-DES (3DES) encryption for SSH sessions is supported.
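
Because the server accepts protocol versions 1.3, 1.5, and 2.0 and offers RC4 and 3DES alongside AES, an audit of a deployed switch should record which of these it actually announces. The following Python sketch is an added example, not part of the manual or the switch software: it parses the SSH identification string defined in RFC 4253 and an SSH-2 encryption name-list. The banner text, the cipher names (`aes128-cbc`, `arcfour`, `3des-cbc`, and so on) and the policy of flagging protocol 1.x, RC4 and 3DES are assumptions of the example.

```python
import re

# RFC 4253 section 4.2: SSH-protoversion-softwareversion [SP comments] CR LF
_BANNER = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")

# Audit policy assumed for this example (not taken from the manual).
LEGACY_CIPHERS = {"arcfour", "arcfour128", "arcfour256", "3des-cbc"}


def parse_banner(line):
    """Return (protoversion, softwareversion) from a server identification line."""
    m = _BANNER.match(line.rstrip("\r\n"))
    if m is None:
        raise ValueError("not an SSH identification string: %r" % line)
    return m.group(1), m.group(2)


def offered_protocols(protoversion):
    """Map the announced protoversion to the protocol generations accepted."""
    if protoversion == "1.99":  # RFC 4253 section 5.1: server speaks 1.x and 2.0
        return {"SSH-1", "SSH-2"}
    major = int(protoversion.split(".")[0])
    if major == 1:              # e.g. 1.3 or 1.5
        return {"SSH-1"}
    if major == 2:
        return {"SSH-2"}
    raise ValueError("unknown SSH protoversion: %s" % protoversion)


def audit(banner, cipher_name_list):
    """Return findings for a banner and a comma-separated SSH-2 cipher name-list."""
    proto, _software = parse_banner(banner)
    findings = []
    if "SSH-1" in offered_protocols(proto):
        findings.append("server accepts SSH protocol 1.x (announced %s)" % proto)
    for name in (n.strip() for n in cipher_name_list.split(",")):
        if name in LEGACY_CIPHERS:
            findings.append("legacy cipher offered: %s" % name)
    return findings


if __name__ == "__main__":
    # Constructed sample input; "ExampleSwitch_1.0" is a placeholder name.
    sample_banner = "SSH-1.99-ExampleSwitch_1.0\r\n"
    sample_ciphers = "aes128-cbc,aes192-cbc,aes256-cbc,arcfour,3des-cbc"
    for finding in audit(sample_banner, sample_ciphers):
        print(finding)
```

The banner is the first line the server sends after the TCP connection opens, and the name-list is the server's encryption proposal as shown in an SSH client's debug output.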