Nortel Networks 4050 User Manual

84 Chapter 3 Managing the network access devices

320818-A

Managing SSH keys using the CLI

The Nortel SNAS 4050 and the network access devices controlled by the Nortel
SNAS 4050 domain exchange public keys so that they can authenticate
themselves to each other in future SSH communications.

To enable secure communication between the Nortel SNAS 4050 and the network
access device, do the following:

Generate an SSH public key for the Nortel SNAS 4050 domain (see

“Generating SSH keys for the domain using the CLI” on page 85

), if

necessary. Apply the change immediately.

If you created the domain manually, the SSH key was generated automatically
(see

“Manually creating a domain using the CLI” on page 121

Export the Nortel SNAS 4050 public key to each network access device.

•

For an Ethernet Routing Switch 8300:

Use the

/cfg/domain #/switch #/sshkey/export

command to

export the key directly to the switch (see

“Managing SSH keys for Nortel

SNA communication using the CLI” on page 88

•

For an Ethernet Routing Switch 5510, 5520, or 5530:

Use the

/cfg/domain #/sshkey/export

command to upload the key

to a TFTP server, for manual retrieval from the switch (see

“Generating

SSH keys for the domain using the CLI” on page 85

). For information

about downloading the key from the server to the switch, see Release
Notes for Nortel Ethernet Routing Switch 5500 Series, Software Release
4.3 (217468-B).

Note: The SSH key for the Nortel SNAS 4050 domain is not the same
as the SSH key generated during initial setup for all Nortel SNAS 4050
hosts in the cluster (see

“Initial setup”

step 15 on page 57