Displaying and maintaining SSH ······························································································································· 217

SSH server configuration examples ··························································································································· 218

When switch acts as server for password authentication ··············································································· 218

When switch acts as server for publickey authentication ··············································································· 220

SSH client configuration examples····························································································································· 225

When switch acts as client for password authentication ················································································ 225

When switch acts as client for publickey authentication ················································································ 228

SFTP configuration ······················································································································································ 231

SFTP overview······························································································································································· 231

Configuring the device as an SFTP server ················································································································· 231

Configuration prerequisites ································································································································ 231

Enabling the SFTP server ···································································································································· 231

Configuring the SFTP connection idle timeout period ····················································································· 231

Configuring the device an SFTP client ······················································································································· 232

Specifying a source IP address or interface for the SFTP client······································································ 232

Establishing a connection to the SFTP server ···································································································· 232

Working with SFTP directories ··························································································································· 233

Working with SFTP files ······································································································································ 233

Displaying help information ······························································································································· 234

Terminating the connection to the remote SFTP server ···················································································· 234

SFTP client configuration example ····························································································································· 235

SFTP server configuration example ···························································································································· 238

SSL configuration ························································································································································ 241

SSL overview ································································································································································· 241

SSL security mechanism ······································································································································ 241

SSL protocol stack ··············································································································································· 242

SSL configuration task list ············································································································································ 242

Configuring an SSL server policy ······························································································································· 242

Configuration procedure ···································································································································· 243

SSL server policy configuration example ·········································································································· 243

Configuring an SSL client policy ································································································································ 245

Displaying and maintaining SSL ································································································································ 246

Troubleshooting SSL ····················································································································································· 246

SSL handshake failure ········································································································································· 246

TCP attack protection configuration ·························································································································· 248

TCP attack protection overview ·································································································································· 248

Enabling the SYN cookie feature ······························································································································· 248

Displaying and maintaining TCP attack protection ·································································································· 248

IP source guard configuration ··································································································································· 249

IP source guard overview ············································································································································ 249

Introduction to IP source guard ·························································································································· 249

IP source guard binding ····································································································································· 249

Configuring IPv4 source guard binding ···················································································································· 251

Configuring a static IPv4 source guard binding entry ···················································································· 252

Configuring the dynamic IPv4 source guard binding function ······································································· 252

Configuring IPv6 source guard binding ···················································································································· 253

Configuring a static IPv6 source guard binding entry ···················································································· 253

Configuring the dynamic IPv6 source guard binding function ······································································· 254

Displaying and maintaining IP source guard ············································································································ 255

IP source guard configuration examples ··················································································································· 256

viii

Table of Contents

HP 5120 EI Switch Series Configuration Manual page 8

Troubleshooting

Related Manuals for HP 5120 EI Switch Series

Related Products for HP 5120 EI Switch Series

Table of Contents