Ssh Server And Client - 3Com 5500-EI PWR Install Manual
Hide thumbs
Also See for 5500-EI PWR:
- Reference manual (1314 pages) ,
- Getting started manual (118 pages) ,
- Quick reference manual (59 pages)
Table of Contents
Advertisement
Authentication negotiation
The negotiation steps are as follows:
The client sends an authentication request to the server. The authentication request contains
username, authentication type, and authentication-related information. For example, if the
authentication type is password, the content is the password.
The server starts to authenticate the user. If authentication fails, the server sends an
authentication failure message to the client, which contains the list of methods used for a new
authentication process.
The client selects an authentication type from the method list to perform authentication again.
The above process repeats until the authentication succeeds, or the connection is torn down when
the authentication times reach the upper limit.
SSH provides two authentication methods: password authentication and publickey authentication.
In password authentication, the client encrypts the username and password, encapsulates them
into a password authentication request, and sends the request to the server. Upon receiving the
request, the server decrypts the username and password, compares them with those it maintains,
and then informs the client of the authentication result.
The publickey authentication method authenticates clients using digital signatures. Currently, the
device supports two publickey algorithms to implement digital signatures: RSA and DSA. The
client sends to the server a publickey authentication request containing its user name, public key
and algorithm. The server verifies the public key. If the public key is invalid, the authentication fails;
otherwise, the server generates a digital signature to authenticate the client, and then sends back
a message to inform the success or failure of the authentication.
Session request
After passing authentication, the client sends a session request to the server, while the server listens to
and processes the request from the client. If the client passes authentication, the server sends back to
the client an SSH_SMSG_SUCCESS packet and goes on to the interactive session stage with the
client. Otherwise, the server sends back to the client an SSH_SMSG_FAILURE packet, indicating that
the processing fails or it cannot resolve the request. The client sends a session request to the server,
which processes the request and establishes a session.
Data exchange
In this stage, the server and the client exchanges data in this way:
The client encrypts and sends the command to be executed to the server.
The server decrypts and executes the command, and then encrypts and sends the result to the
client.
The client decrypts and displays the result on the terminal.
SSH Server and Client
To use SSH for secure login to a switch from a device, the switch must be configured as an SSH server
and the device must be configured as an SSH client. As shown in
D are configured as SSH clients to securely access the Switch A, which is acting as the SSH server.
Figure
1-4
1-2, Host A, Host B, and Host
Advertisement
Chapters
Table of Contents
Troubleshooting
