Proxim AP-4000 Benutzerhandbuch
Advanced Configuration
AP-4000 Series User Guide
Management
72
Telnet Configuration Settings
• Telnet Interface Bitmask: Select the interface (Ethernet, Wireless-Slot A, Wireless-Slot B, All Interfaces) from
which you can manage the AP via telnet. This parameter can also be used to Disable telnet management.
• Telnet Port Number: The default port number for Telnet applications is 23. However, you can use this field if you want
to change the Telnet port for security reasons (but your Telnet application also must support the new port number you
select). You must reboot the Access Point if you change the Telnet Port.
select). You must reboot the Access Point if you change the Telnet Port.
• Telnet Login Idle Timeout (seconds): Enter the number of seconds the system will wait for a login attempt. The AP
terminates the session when it times out. The range is 30 to 300 seconds; the default is 60 seconds.
• Telnet Session Idle Timeout (seconds): Enter the number of seconds the system will wait during a session while
there is no activity. The AP will terminate the session on timeout. The range is 60 to 36000 seconds; the default is 900
seconds.
seconds.
Secure Shell (SSH) Settings
The AP supports SSH version 2, for secure remote CLI (Telnet) sessions. SSH provides strong authentication and
encryption of session data.
encryption of session data.
The SSH server (AP) has host keys - a pair of asymmetric keys - a private key that resides on the AP and a public key
that is distributed to clients that need to connect to the AP. As the client has knowledge of the server host keys, the client
can verify that it is communicating with the correct SSH server. The client authentication is performed as follows:
that is distributed to clients that need to connect to the AP. As the client has knowledge of the server host keys, the client
can verify that it is communicating with the correct SSH server. The client authentication is performed as follows:
• Using a username/password pair if RADIUS Based Management is enabled; otherwise, using a password to
authenticate the user over a secure channel created using SSH.
SSH Session Setup
An SSH session is setup through the following process:
• The SSH server public key is transferred to the client using out-of-band or in-band mechanisms.
• The SSH client verifies the correctness of the server using the server’s public key.
• The user/client authenticates to the server.
• An encrypted data session starts. The maximum number of SSH sessions is limited to two. If there is no activity for a
• The SSH client verifies the correctness of the server using the server’s public key.
• The user/client authenticates to the server.
• An encrypted data session starts. The maximum number of SSH sessions is limited to two. If there is no activity for a
specified amount of time (the Telnet Session Timeout parameter), the AP will timeout the connection.
SSH Clients
The following SSH clients have been verified to interoperate with the AP’s server. The following table lists the clients,
version number, and the website of the client.
version number, and the website of the client.
For key generation, OpenSSH client has been verified.
Configuring SSH
Perform the following procedure to set the SSH host key and enable or disable SSH:
1. Click Configure > Management > Services
2. Select the SSH Host Key Status from the drop down menu.
2. Select the SSH Host Key Status from the drop down menu.
NOTE: SSH Host Key Status can not be changed if SSH status or Secure Management is enabled.
3. To enable/disable SSH, select Enable/Disable from the SSH (Secure Shell) Status drop-down menu.
Clients
Version
Website
OpenSSH
V3.4-2
http://www.openssh.com
Putty
Rel 0.53b
http://www.chiark.greenend.org.uk
Zoc
5.00
http://www.emtec.com
Axessh
V2.5
http://www.labf.com