Table of Contents
Advertisement
N o t e
ProCurve
Switch
(SSH
Server)
Figure 6-2. Switch/User Authentication
N o t e
SSH in the ProCurve is based on the OpenSSH software toolkit. For more
information on OpenSSH, visit www.openssh.com .
Switch SSH and User Password Authentication . This option is a subset
of the client public-key authentication show in figure 6-1. It occurs if the switch
has SSH enabled but does not have login access (login public-key) configured
to authenticate the client's key. As in figure 6-1, the switch authenticates itself
to SSH clients. Users on SSH clients then authenticate themselves to the
switch (login and/or enable levels) by providing passwords stored locally on
the switch or on a TACACS+ or RADIUS server. However, the client does not
use a key to authenticate itself to the switch.
1. Switch-to-Client SSH
2. User-to-Switch (login password and
enable password authentication)
options:
– Local
– TACACS+
SSH on the ProCurve switches covered in this guide supports these data
encryption methods:
■
3DES (168-bit)
DES (56-bit)
■
The ProCurve switches covered in this guide use the RSA algorithm for
internally generated keys (v1/v2 shared host key & v1 server key). However,
ProCurve switches support both RSA and DSA/DSS keys for client authenti-
cation. All references to either a public or private key mean keys generated
using these algorithms unless otherwise noted
Configuring Secure Shell (SSH)
Overview
SSH
Client
Work-
Station
6-3
Hide quick links:
Advertisement
Table of Contents
