Ssh - D-Link xStack DES-3800 Series User Manual

Cache Timeout (60-
86400)
RSA with RC4 128
MD5
RSA with 3DES EDE
CBC SHA
DHS DSS with 3DES
EDE CBC SHA
RSA EXPORT with
RC4 40 MD5
NOTE: Certain implementations concerning the function and
configuration of SSL are not available on the web-based management
of this Switch and need to be configured using the command line
interface. For more information on SSL and its functions, see the
xStack DES-3800 Series CLI Manual, located on the documentation
CD of this product.
NOTE: Enabling the SSL command will disable the web-based switch
management. To log on to the Switch again, the header of the URL
must begin with https://. Entering anything else into the address field
of the web browser will result in an error and no authentication will be
granted.

SSH

SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure
network services over an insecure network. It allows a secure login to remote host computers, a safe
method of executing commands on a remote end node, and will provide secure encrypted and
authenticated communication between two non-trusted hosts. SSH, with its array of unmatched
security features is an essential tool in today's networking environment. It is a powerful guardian
against numerous existing security hazards that now threaten network communications.
The steps required to use the SSH protocol for secure communication between a remote PC (the SSH
client) and the Switch (the SSH server) are as follows:
1. Create a user account with admin-level access using the User Accounts window in the
Security Management folder. This is identical to creating any other admin-level User
Account on the Switch, including specifying a password. This password is used to logon to the
Switch, once a secure communication path has been established using the SSH protocol.
xStack DES-3800 Series Layer 3 Stackable Fast Ethernet Managed Switch
This field will set the time between a new key exchange between a client and a host
using the SSL function. A new SSL session is established every time the client and
host go through a key exchange. Specifying a longer timeout will allow the SSL
session to reuse the master key on future connections with that particular host,
therefore speeding up the negotiation process. The default setting is 600 seconds.
This ciphersuite combines the RSA key exchange, stream cipher RC4 encryption with
128-bit keys and the MD5 Hash Algorithm. Use the pull down menu to enable or
disable this ciphersuite. This field is Enabled by default.
This ciphersuite combines the RSA key exchange, CBC Block Cipher 3DES_EDE
encryption and the SHA Hash Algorithm. Use the pull down menu to enable or disable
this ciphersuite. This field is Enabled by default.
This ciphersuite combines the DSA Diffie Hellman key exchange, CBC Block Cipher
3DES_EDE encryption and SHA Hash Algorithm. Use the pull down menu to enable
or disable this ciphersuite. This field is Enabled by default.
This ciphersuite combines the RSA Export key exchange and stream cipher RC4
encryption with 40-bit keys. Use the pull down menu to enable or disable this
ciphersuite. This field is Enabled by default.
Ciphersuite
229