SSH Server Authentication - Cisco Small Business 200 Series Administration Manual

Small business 200 series smart switch

21 Security: SSH Client

SSH Server Authentication

The password method is the default method on the device.
Public/Private Keys
To use the public/private key method, create a username and public key on the SSH server. The public key
is generated on the device, as described below, and then copied to the server. The actions of creating a
username on the server and copying the public key to the server are not described in this guide.
RSA and DSA default key pairs are generated for the device when it is booted. One of these keys is used to
encrypt the data being downloaded from the SSH server. The RSA key is used by default.
If the user deletes one or both of these keys, they are regenerated.
The public/private keys are encrypted and stored in the device memory. The keys are part of the device
configuration file, and the private key can be displayed to the user, in encrypted or plaintext form.
Since the private key cannot be copied directly to the private key of another device, an import method
exists that enables copying private keys from device to device (described in Import Keys).
Import Keys
In the key method, individual public/private keys must be created for each individual device, and these
private keys cannot be copied directly from one device to another because of security considerations.
If there are multiple switches in the network, the process of creating public/private keys for all the switches
might be time-consuming, because each public/private key must be created and then loaded onto the SSH
server.
To facilitate this process, an additional feature enables secure transfer of the encrypted private key to all
switches in the system.
When a private key is created on a device, it is also possible to create an associated passphrase. This
passphrase is used to encrypt the private key and to import it into the remaining switches. In this way, all the
switches can use the same public/private key.
SSH Server Authentication
A device, as an SSH client, only communicates with a trusted SSH server. When SSH server authentication
is disabled (the default setting), any SSH server is considered trusted. When SSH server authentication is
enabled, the user must add an entry for the trusted servers to the Trusted SSH Servers Table. This table
holds a maximum of 16 servers and stores the following information for each trusted SSH server:
Server IP address/host name
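
The trust decision described above, modelled as an added example (not code from the Cisco guide or the switch firmware). The guide's field list is cut off after the server address, so pinning each entry to a SHA256 host key fingerprint is an assumption here, as are the class and function names and the constructed sample keys.

```python
import base64
import hashlib
import struct

MAX_TRUSTED_SERVERS = 16  # table limit stated in the guide

def ssh_string(data: bytes) -> bytes:  # SSH wire string: 4-byte length + data
    return struct.pack(">I", len(data)) + data

def sample_blob(seed: bytes) -> bytes:
    """Constructed stand-in for an RSA host key blob (not a real key)."""
    modulus = b"\x00" + hashlib.sha512(seed).digest() * 4
    return ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01") + ssh_string(modulus)

def fingerprint(key_blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a public host key blob."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

class SshClientTrust:
    def __init__(self, server_auth_enabled: bool = False):  # off by default
        self.server_auth_enabled = server_auth_enabled
        self.trusted = {}  # server address -> pinned fingerprint (assumed field)

    def add_trusted(self, host: str, pinned_fp: str) -> None:
        if host not in self.trusted and len(self.trusted) >= MAX_TRUSTED_SERVERS:
            raise ValueError("Trusted SSH Servers Table is full")
        self.trusted[host] = pinned_fp

    def accepts(self, host: str, presented_blob: bytes) -> bool:
        if not self.server_auth_enabled:
            return True  # disabled: any SSH server is considered trusted
        return self.trusted.get(host) == fingerprint(presented_blob)

def demo() -> dict:
    genuine, unexpected = sample_blob(b"genuine"), sample_blob(b"unexpected")
    default_client = SshClientTrust()
    strict_client = SshClientTrust(server_auth_enabled=True)
    strict_client.add_trusted("192.0.2.10", fingerprint(genuine))
    return {
        "default_accepts_unexpected_key": default_client.accepts("192.0.2.10", unexpected),
        "strict_accepts_pinned_key": strict_client.accepts("192.0.2.10", genuine),
        "strict_accepts_unexpected_key": strict_client.accepts("192.0.2.10", unexpected),
        "strict_accepts_unlisted_host": strict_client.accepts("192.0.2.99", genuine),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

With server authentication left at its default, the client accepts the unexpected key; once it is enabled, only the pinned key on a listed address passes.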
Cisco Small Business 200 Series Smart Switch Administration Guide