Secure Shell and Secure Copy
© Copyright Lenovo 2017
Because using Telnet does not provide a secure connection for managing a
CN4093, Secure Shell (SSH) and Secure Copy (SCP) features have been included
for CN4093 management. SSH and SCP use secure tunnels to encrypt and secure
messages between a remote administrator and the switch.
SSH is a protocol that enables remote administrators to log securely into the
CN4093 over a network to execute management commands.
SCP is typically used to copy files securely from one machine to another. SCP uses
SSH for encryption of data on the network. On a CN4093, SCP is used to download
and upload the switch configuration via secure channels.
Although SSH and SCP are disabled by default, enabling and using these features
provides the following benefits:
Identifying the administrator using Name/Password
Authentication of remote administrators
Authorization of remote administrators
Determining the permitted actions and customizing service for individual
administrators
Encryption of management messages
Encrypting messages between the remote administrator and switch
Secure copy support
The Enterprise NOS implementation of SSH supports both versions 1.5 and 2.0 and
supports SSH clients version 1.5 ‐ 2.x. The following SSH clients have been tested:
SSH 1.2.23 and SSH 1.2.27 for Linux (freeware)
SecureCRT 3.0.2 and SecureCRT 3.0.3 for Windows NT (Van Dyke Technologies,
Inc.)
F‐Secure SSH 1.1 for Windows (Data Fellows)
Putty SSH
Cygwin OpenSSH
Mac X OpenSSH
Solaris 8 OpenSSH
AxeSSH SSHPro
SSH Communications Vandyke SSH A
F‐Secure
Chapter 4: Securing Administration
89