Alcatel-Lucent 6850-48 補足マニュアル
Logging Into the Switch
Using Secure Shell
OmniSwitch AOS Release 6 Switch Management Guide
September 2009
page 2-15
Connection Phase
After successful authentication, both the client and the server process the Secure Shell connection
protocol. The OmniSwitch supports one channel for each Secure Shell connection. This channel can be
used for a Secure Shell session or a Secure Shell FTP session.
protocol. The OmniSwitch supports one channel for each Secure Shell connection. This channel can be
used for a Secure Shell session or a Secure Shell FTP session.
Using Secure Shell DSA Public Key Authentication
The following procedure is used to set up Secure Shell (SSH) DSA public key authentication (PKA)
between an OmniSwitch and a client device:
between an OmniSwitch and a client device:
Note. Note that if PKA fails, the user is prompted for a password. This is the password that was specified
when the user name was created on the OmniSwitch.
when the user name was created on the OmniSwitch.
1 Use the PuTTYgen SSH software on the client device to generate a type SSH2 DSA private and public
key pair.
key pair.
2 Do not save the public key on the client device using PutTTYgen. Instead, copy the key from the
PuTTYgen public key window and paste the key into a text file with the filename userid_dsa.pub. Spec-
ify a valid OmniSwitch user login name for the userid portion of the filename. For example, the following
public key filename is for OmniSwitch user Thomas:
PuTTYgen public key window and paste the key into a text file with the filename userid_dsa.pub. Spec-
ify a valid OmniSwitch user login name for the userid portion of the filename. For example, the following
public key filename is for OmniSwitch user Thomas:
thomas_dsa.pub
3 Use PuTTYgen to save the private key on the client device.
4 Verify that the userid specified as part of the filename in Step 2 is a valid user name on the
OmniSwitch. If the username does not already exist in the switch configuration, create the user name with
the appropriate privileges.
OmniSwitch. If the username does not already exist in the switch configuration, create the user name with
the appropriate privileges.
5 FTP in ASCII mode the userid_dsa.pub file from the client device to the flash/network/pub direc-
tory on the OmniSwitch. Create the flash/network/pub directory first if it does not already exist.
tory on the OmniSwitch. Create the flash/network/pub directory first if it does not already exist.
6 Using PuTTY software on the client device, access SSH, then Auth, and then select the private key
generated in Step 1 to start the authentication process.
generated in Step 1 to start the authentication process.
7 To enforce Secure Shell PKA on a switch use the
Note. If a public key file (i.e., thomas_dsa.pub) exists in the flash/network/pub directory on the switch ,
PKA is still used even if this method of authentication was disabled using the
PKA is still used even if this method of authentication was disabled using the
command. Rename, move, or delete the public key file to ensure that PKA is disabled on the switch.
Starting a Secure Shell Session
command and identify the IP address or hostname for the
device you are connecting to.
command to start an SSHv6 session followed by the relevant IPv6 address or the
hostname, over an IPv6 environment.