Secure Shell (Ssh) - D-Link DGS-3427 - xStack Switch - Stackable Product Manual

x Stack
Key File Name
SSL Status
Cache Timeout (60-
86400 sec)
RSA with RC4 128 MD5
RSA with 3DES EDE
CBC SHA
DHE DSS with 3DES EDE
CBC SHA
RSA EXPORT with RC4
40 MD5
Click Apply to implement the changes.
NOTE: Certain implementations concerning the function and configuration of SSL are not available
on the Web-based management of this Switch and need to be configured using the command line
interface.
NOTE: Enabling the SSL command will disable the web-based switch management. To log on to
the Switch again, the header of the URL must begin with https://. Entering anything else into the
address field of the Web browser will result in an error and no authentication will be granted.

Secure Shell (SSH)

SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an
insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node,
and will provide secure encrypted and authenticated communication between two non-trusted hosts. SSH, with its array of
unmatched security features is an essential tool in today's networking environment. It is a powerful guardian against numerous
existing security hazards that now threaten network communications.
The steps required to use the SSH protocol for secure communication between a remote PC (the SSH client) and the Switch (the
SSH server) are as follows:
1. Create a user account with admin-level access using the User Accounts window in the Security Management folder.
This is identical to creating any other admin-level User Account on the Switch, including specifying a password. This
password is used to logon to the Switch, once a secure communication path has been established using the SSH protocol.
2. Configure the User Account to use a specified authorization method to identify users that are allowed to establish SSH
connections with the Switch using the SSH User Authentication window. There are three choices as to the method SSH
will use to authorize the user, which are Host Based, Password and Public Key.
®
DGS-3400 Series Layer 2 Gigabit Ethernet M anaged Sw itch
Enter the path and the filename of the key file to download. This file must have a .der
extension (Ex. c:/pkey.der)
Use the pull-down menu to enable or disable the SSL status on the switch. The default is
Disabled.
This field will set the time between a new key exchange between a client and a host using
the SSL function. A new SSL session is established every time the client and host go
through a key exchange. Specifying a longer timeout will allow the SSL session to reuse
the master key on future connections with that particular host, therefore speeding up the
negotiation process. The default setting is 600 seconds.
This ciphersuite combines the RSA key exchange, stream cipher RC4 encryption with 128-
bit keys and the MD5 Hash Algorithm. Use the pull-down menu to enable or disable this
ciphersuite. This field is Enabled by default.
This ciphersuite combines the RSA key exchange, CBC Block Cipher 3DES_EDE
encryption and the SHA Hash Algorithm. Use the pull-down menu to enable or disable this
ciphersuite. This field is Enabled by default.
This ciphersuite combines the DSA Diffie Hellman key exchange, CBC Block Cipher
3DES_EDE encryption and SHA Hash Algorithm. Use the pull-down menu to enable or
disable this ciphersuite. This field is Enabled by default.
This ciphersuite combines the RSA Export key exchange and stream cipher RC4
encryption with 40-bit keys. Use the pull-down menu to enable or disable this ciphersuite.
This field is Enabled by default.
Configuration
Ciphersuite
334