Security comparison, Ssh server, Security comparison ssh server – Comtrol Hub DeviceMaster User Manual
Page 77
DeviceMaster Installation and Configuration Guide: 2000594 Rev. A
DeviceMaster Security - 77
Security Comparison
Security
Comparison
This table displays addition information about security feature comparisons.
†
Enable Monitoring Secure Data via Telnet must be enabled. SSH does not
support port monitoring. You can set the securemon enable option.
admin commands are disabled except for read-only ID command required by
NS-Link to identify the device.
The intention is to allow NS-Link to operate through an SSL connection to Port
4606 while is in Secure Data Mode, and to allow NS-Link to operate through a MAC
connection with Secure Config Mode enabled and Secure Data Mode disabled.
SSH Server
The DeviceMaster SSH server has the following characteristics:
•
Requires password authentication – even if password is empty.
•
Enabled/disabled along with telnet access independently of Secure Data and
Secure Config Modes.
•
The DeviceMaster uses third-party MatrixSSH library from PeerSec
Networks:
.
Weakest
Strongest
0
1
2
3
3
4
Supported by
None Password
Authentication Secure Config
Secure Data
Key & Certificate
RedBoot
yes
yes
yes
no
yes
no
SocketServer yes
yes
yes
yes
yes
yes
NS-Link Driver/MAC yes
yes
yes
no
no
no
NS-Link Driver/IP
yes
yes
yes
yes
Serial Monitoring
yes
yes
yes
no
yes †
no
TCP to Serial Ports
yes
yes
yes
no
no
no
SSH to Serial Ports
no
no
no
yes
yes
yes
UDP to Serial Ports
yes
yes
yes
disabled
disabled
disabled
Telnet/Port23
yes
yes
yes
disabled
yes †
disabled
SSH Telnet/Port 22
yes
yes
yes
yes
yes
yes
Telnet Port 4607
yes
yes
yes
disabled
yes
yes
SSH (PuTTY) 4607
no
no
no
yes
disabled
disabled
HTTP (Port 80)
yes
yes
yes
disabled
disabled
disabled
HTTPS (Port 443)
no
no
no
yes
yes
yes
yes
yes
yes
disabled
disabled
disabled
SNMP
yes
yes
yes
disabled
disabled
disabled
RFC1006
yes
yes
yes
disabled
disabled
disabled