7
Connection security configuration
This section describes the following tasks:
• Managing SSL and SSH
• Displaying SSL and SSH
• Creating an SSL security
The 8/20q Fibre Channel Switch supports secure connections with Telnet and switch management
applications. The Secure Shell protocol (SSH) secures Telnet connections to the switch. The Secure Sockets
Layer (SSL) protocol secures switch connections to the following management applications:
•
Simple SAN Connection Manager
•
QuickTools
•
Storage Management Initiative-Specification (SMI-S)
Managing SSL and SSH services
Consider the following when enabling SSH and SSL services:
•
Simple SAN Connection Manager version 1.0 does not support the SSL service. If SSL is enabled, you
will be unable to manage the switch using this version of Simple SAN Connection Manager.
•
To establish a secure Telnet connection, your workstation must use an SSH client.
•
To enable secure SSL connections, you must first synchronize the date and time on the switch and
workstation. See
•
The SSL service must be enabled to authenticate users through a Remote Authentication Dial-In Service
(RADIUS) server. See
•
To disable SSL when using a user authentication RADIUS server, the RADIUS server authentication order
must be local.
•
Enabling SSL automatically creates a security certificate on the switch.
services, page 87
services, page 88
certificate, page 89
"Managing the date and
"Configuring a RADIUS server on the
time" on page 51.
switch" on page 102.
8/20q Fibre Channel Switch command line interface guide
87