Password Authentication Process; Ssh Configuration - Avaya G450 Manual

Accessing the Avaya G450 Media Gateway
Both sides negotiate and must agree on the same chipper type. The G450 only supports
●
3DES-CBC encryption. The user on the client side accepts the public key. The client
maintains a cache containing a list of fingerprints per server IP address. If the information
in this cache changes, the client notifies the user.
The client chooses a random number that is used to encrypt and decrypt the information
●
sent.
This random number is sent to the G450, after encryption based on the G450's public key.
●
When the G450 receives the encrypted random number, it decrypts it using the private
●
key. This random number is now used with the 3DES-CBC encryption method for all
encryption and decryption of data. The public and private keys are no longer used.

Password authentication process

Before any data is transferred, the G450 requires the client to supply a username and
password. This authenticates the user on the client side to the G450.

SSH configuration

To enable SSH on the G450:
●
a. To execute the SSH protocol, the G450 must first be assigned hostname identification.
Use the hostname command to assign hostname identification.
b. To enable SSH to be used, you must also configure the server host key. Use the
crypto key generate dsa command to generate an SSH host key pair.
c. Enter ip ssh to enable SSH authentication. Note that SSH is enabled by default.
To disable SSH on the G450:
●
- Use the disconnect ssh command to disconnect an existing SSH session.
- Enter no ip ssh to disable the SSH server which disconnects all active SSH
sessions.
Enter show ip ssh to display SSH configuration information and information about any
●
active SSH sessions.
62 Administration for the Avaya G450 Media Gateway