Configuring SSH; Overview; How SSH Works - HP FlexNetwork 10500 Series Security Configuration Manual


Configuring SSH

Overview

Secure Shell (SSH) is a network security protocol. Using encryption and authentication, SSH can
implement secure remote access and file transfer over an insecure network.

SSH uses the typical client-server model to establish a channel for secure data transfer based on
TCP.

SSH includes two versions: SSH1.x and SSH2.0 (hereinafter referred to as SSH1 and SSH2), which
are not compatible. SSH2 is better than SSH1 in performance and security.

The device supports the following SSH applications:
• Secure Telnet—Stelnet provides secure and reliable network terminal access services.
  Through Stelnet, a user can securely log in to a remote server. Stelnet can protect devices
  against attacks, such as IP spoofing and plain text password interception. The device can act
  as an Stelnet server or an Stelnet client.
• Secure File Transfer Protocol—Based on SSH2, SFTP uses SSH connections to provide
  secure file transfer. The device can act as an SFTP server, allowing a remote user to log in to
  the SFTP server for secure file management and transfer. The device can also act as an SFTP
  client, enabling a user to log in from the device to a remote device for secure file transfer.
• Secure Copy—Based on SSH2, SCP offers a secure method to copy files. The device can act
  as an SCP server, allowing a user to log in to the device for file upload and download. The
  device can also act as an SCP client, enabling a user to log in from the device to a remote
  device for secure file transfer.
• NETCONF over SSH—Based on SSH2, it enables users to securely log in to the device
  through SSH and perform NETCONF operations on the device through the
  NETCONF-over-SSH connections. The device can act only as a server in
  NETCONF-over-SSH connections. For more information about NETCONF, see Network
  Management and Monitoring Configuration Guide.

When acting as an SSH client or server, the device supports the following SSH versions:
• When acting as an SSH client, the device supports only SSH2.
• When acting as an Stelnet, SFTP, or SCP server, the device supports both SSH2 and SSH1 in
  non-FIPS mode and only SSH2 in FIPS mode.
• When acting as a NETCONF-over-SSH server, the device supports only SSH2 in either
  non-FIPS mode or FIPS mode.

Unless otherwise noted, the SSH server collectively refers to the Stelnet server, SFTP server, SCP
server, and NETCONF-over-SSH server.
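
Because an Stelnet, SFTP, or SCP server can still accept SSH1 in non-FIPS mode, an audit should confirm which versions a server announces. The following Python example is added here and is not from the HP manual; it parses the identification line defined in RFC 4253 and flags any server that is not SSH2-only. The banners are constructed samples, and it is an assumption that the device follows the RFC convention of announcing "1.99" when it accepts both versions.

```python
# Added example: classify an SSH server by its identification string (RFC 4253, 4.2).
# Assumption: a server that still accepts SSH1 announces protoversion "1.99" or "1.x".

def parse_ident(raw: bytes) -> dict:
    """Return protoversion, softwareversion and comments from the first bytes a server sends."""
    for line in raw.split(b"\n"):
        line = line.rstrip(b"\r")
        if not line.startswith(b"SSH-"):
            continue  # servers may send other text lines before the identification line
        if len(line) > 253:  # RFC limit is 255 bytes including CR LF
            raise ValueError("identification string too long")
        text = line.decode("ascii", errors="replace")
        ident, _, comments = text.partition(" ")
        parts = ident.split("-", 2)  # softwareversion may itself contain "-"
        if len(parts) != 3 or not parts[1] or not parts[2]:
            raise ValueError(f"malformed identification string: {text!r}")
        return {"proto": parts[1], "software": parts[2], "comments": comments}
    raise ValueError("no SSH identification line found")

def classify(proto: str) -> str:
    """Map a protoversion to the SSH versions the server is announcing."""
    if proto == "2.0":
        return "ssh2-only"
    if proto == "1.99":  # RFC 4253, 5.1: SSH2 server with SSH1 compatibility enabled
        return "ssh1-and-ssh2"
    if proto.startswith("1."):
        return "ssh1-only"
    return "unknown"

def audit(raw: bytes) -> tuple:
    """Return (verdict, needs_attention); anything but SSH2-only needs attention."""
    verdict = classify(parse_ident(raw)["proto"])
    return verdict, verdict != "ssh2-only"

# Constructed sample banners (not captured from a real device).
SAMPLES = {
    "fips-like": b"SSH-2.0-ExampleSSH_1.0 build42\r\n",
    "compat": b"Authorized use only\r\nSSH-1.99-Example-SSH-7.1\r\n",
    "legacy": b"SSH-1.5-OldExample\r\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        verdict, needs_attention = audit(raw)
        print(f"{name:10s} {verdict:14s} needs_attention={needs_attention}")
```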

How SSH works

This section uses SSH2 as an example to describe the stages to establish an SSH session. For
more information about these stages, see SSH Technology White Paper.
Table 18 Stages to establish an SSH session

| Stages | Description |
|---|---|
| Connection establishment | The SSH server listens to the connection requests on port 22. After a client initiates a connection request, the server and the client establish a TCP connection. |