Secure Shell and Secure Copy
Configuring SSH/SCP Features on the Switch
66
CN4093 Application Guide for N/OS 8.2
Because using Telnet does not provide a secure connection for managing a
CN4093, Secure Shell (SSH) and Secure Copy (SCP) features have been included
for CN4093 management. SSH and SCP use secure tunnels to encrypt and secure
messages between a remote administrator and the switch.
SSH is a protocol that enables remote administrators to log securely into the
CN4093 over a network to execute management commands.
SCP is typically used to copy files securely from one machine to another. SCP uses
SSH for encryption of data on the network. On a CN4093, SCP is used to download
and upload the switch configuration via secure channels.
Although SSH and SCP are disabled by default, enabling and using these features
provides the following benefits:
Identifying the administrator using Name/Password
Authentication of remote administrators
Authorization of remote administrators
Determining the permitted actions and customizing service for individual
administrators
Encryption of management messages
Encrypting messages between the remote administrator and switch
Secure copy support
The Lenovo N/OS implementation of SSH supports both versions 1.5 and 2.0 and
supports SSH clients version 1.5 ‐ 2.x. The following SSH clients have been tested:
SSH 1.2.23 and SSH 1.2.27 for Linux (freeware)
SecureCRT 3.0.2 and SecureCRT 3.0.3 for Windows NT (Van Dyke Technologies,
Inc.)
F‐Secure SSH 1.1 for Windows (Data Fellows)
Putty SSH
Cygwin OpenSSH
Mac X OpenSSH
Solaris 8 OpenSSH
AxeSSH SSHPro
SSH Communications Vandyke SSH A
F‐Secure
SSH and SCP are disabled by default. To change the setting, using the following
procedures.
Note: To use SCP, you must first enable SSH.