Secure Shell (SSH) is a mechanism for allowing secure remote access to management functions on an HP
device. SSH provides a function similar to Telnet. Users can log into and configure the device using a publicly or
commercially available SSH client program, just as they can with Telnet. However, unlike Telnet, which provides
no security, SSH provides a secure, encrypted connection to the device.
SSH supports Arcfour, IDEA, Blowfish, DES (56-bit) and Triple DES (168-bit) data encryption methods. Nine
levels of data compression are available. You can configure your SSH client to use any one of these data
compression levels when connecting to an HP device.
HP devices also support Secure Copy (SCP) for securely transferring files between an HP device and SCP
enabled remote hosts. See "Using Secure Copy" on page 4-9 for more information.
NOTE: SSH is supported only on HP 9304M and HP 9308M routing switches with redundant management.
SSH is not supported on the HP 6308M-SX or HP 6208M-SX.
NOTE: HP's implementation of SSH supports SSH version 1 only. All references to SSH in this document are to
SSH version 1.
HP's implementation of SSH supports two kinds of user authentication:
RSA challenge-response authentication, where a collection of public keys are stored on the device. Only
clients with a private key that corresponds to one of the stored public keys can gain access to the device using
Password authentication, where users attempting to gain access to the device using an SSH client are
authenticated with passwords stored on the device or on a TACACS/TACACS+ or RADIUS server
Both kinds of user authentication are enabled by default. You can configure the device to use one or both of them.
Configuring Secure Shell on an HP device consists of the following steps:
Setting the HP device's host name and domain name
Generating a host RSA public and private key pair for the device
Configuring RSA challenge-response authentication
Setting optional parameters
You can also view information about active SSH connections on the device as well as terminate them.
Configuring Secure Shell
4 - 1