Secure Shell And Secure Copy - Lenovo Flex System Fabric CN4093 Application Manual

Secure Shell and Secure Copy

© Copyright Lenovo 2017
Because using Telnet does not provide a secure connection for managing a
CN4093, Secure Shell (SSH) and Secure Copy (SCP) features have been included
for CN4093 management. SSH and SCP use secure tunnels to encrypt and secure
messages between a remote administrator and the switch.
SSH is a protocol that enables remote administrators to log securely into the
CN4093 over a network to execute management commands.
SCP is typically used to copy files securely from one machine to another. SCP uses
SSH for encryption of data on the network. On a CN4093, SCP is used to download
and upload the switch configuration via secure channels.
Although SSH and SCP are disabled by default, enabling and using these features
provides the following benefits:
 Identifying the administrator using Name/Password
 Authentication of remote administrators
 Authorization of remote administrators
 Determining the permitted actions and customizing service for individual
administrators
 Encryption of management messages
Encrypting messages between the remote administrator and switch

 Secure copy support
The Enterprise NOS implementation of SSH supports both versions 1.5 and 2.0 and
supports SSH clients version 1.5 ‐ 2.x. The following SSH clients have been tested:
 SSH 1.2.23 and SSH 1.2.27 for Linux (freeware)
 SecureCRT 3.0.2 and SecureCRT 3.0.3 for Windows NT (Van Dyke Technologies,
Inc.)
 F‐Secure SSH 1.1 for Windows (Data Fellows)
 Putty SSH
 Cygwin OpenSSH
 Mac X OpenSSH
 Solaris 8 OpenSSH
 AxeSSH SSHPro
 SSH Communications Vandyke SSH A
 F‐Secure
Chapter 4: Securing Administration
89