HP ProCurve 9304M Security Manual page 75

Overview
Secure Shell (SSH) is a mechanism for allowing secure remote access to management functions on an HP
device. SSH provides a function similar to Telnet. Users can log into and configure the device using a publicly or
commercially available SSH client program, just as they can with Telnet. However, unlike Telnet, which provides
no security, SSH provides a secure, encrypted connection to the device.
SSH supports Arcfour, IDEA, Blowfish, DES (56-bit) and Triple DES (168-bit) data encryption methods. Nine
levels of data compression are available. You can configure your SSH client to use any one of these data
compression levels when connecting to an HP device.
HP devices also support Secure Copy (SCP) for securely transferring files between an HP device and SCP­
enabled remote hosts. See "Using Secure Copy" on page 3-11 for more information.
NOTE: SSH is supported only on 9304M, 9308M, and 9315M Routing Switches with redundant management.
SSH Version 2 Support
In releases prior to 07.8.00, HP devices supported SSH version 1 (SSHv1). Starting with release 07.8.00, HP
devices support SSH version 2 (SSHv2).
SSHv2 is a substantial revision of Secure Shell, comprising the following hybrid protocols and definitions:
• SSH Transport Layer Protocol
• SSH Authentication Protocol
• SSH Connection Protocol
• GSSAPI Authentication and Key Exchange for the Secure Shell Protocol
• Generic Message Exchange Authentication For SSH
• SECSH Public Key File Format
• SSH Fingerprint Format
• SSH Protocol Assigned Numbers
• DNS to Securely Publish SSH Key Fingerprints
• SSH Transport Layer Encryption Modes
• Session Channel Break Extension
June 2005
Configuring Secure Shell
Chapter 3
3 - 1