IBM 12.1(22)EA6 Manuale Utente
5-34
Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter, Software Configuration Guide
24R9746
Chapter 5 Configuring Switch-Based Authentication
Configuring the Switch for Secure Shell
•
When generating the RSA key pair, the message “No domain specified” might appear. If it does,
you must configure an IP domain name by using the ip domain-name global configuration
command.
you must configure an IP domain name by using the ip domain-name global configuration
command.
•
When configuring the local authentication and authorization authentication method, make sure that
AAA is disabled on the console.
AAA is disabled on the console.
Cryptographic Software Image Guidelines
The SSH feature uses a large amount of switch memory, which limits the number of VLANs and trunk
ports that you can configure on the switch. Before you download the cryptographic software image, your
switch configuration must meet these conditions:
ports that you can configure on the switch. Before you download the cryptographic software image, your
switch configuration must meet these conditions:
•
The number of trunk ports multiplied by the number of VLANs on the switch must be less than or
equal to 256. These are examples of switch configurations that meet this condition:
equal to 256. These are examples of switch configurations that meet this condition:
–
If the switch has 4 trunk ports, it can have up to 64 VLANs.
–
If the switch has 32 VLANs, it can have up to 8 trunk ports.
Setting Up the Switch to Run SSH
To access the cryptographic version of the Cisco Systems Intelligent Gigabit Ethernet Switch Module
software, follow these steps:
software, follow these steps:
1.
Go to the IBM web site:
2.
Click Support & downloads > Downloads and drivers > BladeCenter (Blades) > BladeCenter
chassis Hardware only > Firmware.
chassis Hardware only > Firmware.
3.
Click Cisco Systems Intelligent Gigabit Ethernet Switch Module Firmware update - IBM
BladeCenter.
BladeCenter.
4.
Find and click the Crypto Code link.
5.
Register and log in with your IBM ID and password.
6.
Find and click the latest level of cryptographic version software.
7.
Click Download now to save the file to your computer.
8.
From your computer you can ftp the file to your switch. This process is described in the switch
command reference using the archive download privileged EXEC command.
command reference using the archive download privileged EXEC command.
For information about configuring SSH and displaying SSH settings, see the “Configuring Secure Shell”
section in the Cisco IOS Security Configuration Guide for Cisco IOS Release 12.2.
section in the Cisco IOS Security Configuration Guide for Cisco IOS Release 12.2.
Follow these steps to set up your switch to run SSH:
1.
Download the cryptographic software image from Cisco.com. This step is required. For more
information, see the release notes for this release.
information, see the release notes for this release.
2.
Configure a host name and IP domain name for the switch. Follow this procedure only if you are
configuring the switch as an SSH server.
configuring the switch as an SSH server.