Ssh Enhancements - HP ProCurve 3500yl Release Notes

Software version k.13.49

Hide thumbs Also See for ProCurve 3500yl:

Access security manual (778 pages)

Specifications (16 pages)

Features (6 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

page of 219

/ 219
Contents
Table of Contents
Bookmarks

Table of Contents

Enhancements

Release K.13.16 Enhancements

•

Web and MAC authentications are not allowed on the same port if unauthenticated VLAN

(that is, a guest VLAN) is enabled for MAC authentication. An unauthenticated VLAN

can't be enabled for MAC authentication if Web and MAC authentication are both

enabled on the port.

•

Hitless re-authentication must be of the same type (MAC) that was used for the initial

authentication. Non-hitless re-authentication can be of any type.

The remaining Web/MAC functionality, including interactions with 802.1X, remains the same. Web

and MAC authentication can be used for different clients on the same port.

Normally, MAC authentication finishes much sooner than Web authentication. However, if Web

authentication should complete first, MAC authentication will cease even though it is possible that

MAC authentication could succeed. There is no guarantee that MAC authentication ends before Web

authentication begins for the client.

These changes are backward compatible with all existing user configurations.

■

Enhancement (PR_0000000088) — This enhancement provides new features for use with

SSH. The SSH enhancements are: AES encryption (included in the K.13.02 release). A new

configuration option is added to allow the server to specify the set of ciphers available for

client connection; A configurable key; Message Authentication Code (MAC) configuration.

A new configuration option provides the ability to configure which MACs a client is permitted

to use; Feedback information; and, SSH CLI show command information enhancements.