HP procurve 2500 사용자 설명서
79
Enhancements in Release F.04.08
Configuring Secure Shell (SSH)
Configuring Secure Shell (SSH)
N o t e
SSH in the ProCurve Series 2500 switches is based on the OpenSSH software toolkit. For more information
on OpenSSH, visit
on OpenSSH, visit
Switch SSH and User Password Authentication .
This option is a subset of the client public-key
authentication show in figure 26. It occurs if the switch has SSH enabled but does not have login
access (
access (
login rsa) configured to authenticate the client’s key. As in figure 26, the switch authenticates
itself to SSH clients. Users on SSH clients then authenticate themselves to the switch (login and/or
enable levels) by providing passwords stored locally on the switch or on a TACACS+ or RADIUS
server. However, the client does not use a key to authenticate itself to the switch.
enable levels) by providing passwords stored locally on the switch or on a TACACS+ or RADIUS
server. However, the client does not use a key to authenticate itself to the switch.
Figure 27. Switch/User Authentication
SSH on the Series 2500 switches supports these data encryption methods:
■
3DES (168-bit)
■
DES (56-bit)
N o t e
This release supports SSH version 1 only, and all references to SSH in this document are to SSHv1
unless otherwise stated. SSH version 1 uses RSA public key algorithms exclusively, and all references
to either a public or private key mean keys generated using these algorithms unless otherwise noted.
unless otherwise stated. SSH version 1 uses RSA public key algorithms exclusively, and all references
to either a public or private key mean keys generated using these algorithms unless otherwise noted.
Series 2500
Switch
(SSH
Server)
SSH
Client
Work-
Station
1. Switch-to-Client SSH authentication.
2. User-to-Switch (login password and
enable password authentication)
options:
options:
– Local
– TACACS+
– RADIUS
– TACACS+
– RADIUS