Dell Force10 S25N-S50N - S-Series Secure Management - Page 4

Enabling SSL/HTTPS



S-Series Secure Management

Using an SSH client, connect to the switch and log in to verify that the SSH server is working.

4. Once you have verified that you can connect to the switch with an SSH client, the Telnet server can be disabled with this command for additional security, if it was enabled. The Telnet server is disabled by default.

SFTOS Version <= 2.2.1:  (SFTOS) #no ip telnet server enable
SFTOS Version >= 2.3.1:  SFTOS (Config)#no ip telnet server enable

Enabling SSL/HTTPS

1. Generate the SSL certificates using the script in the ssl directory, or copy the example certificates (which end in .pem) to your TFTP server.
2. Copy the certificates to NVRAM with TFTP as shown in this example, using the IP address of your TFTP server.

SFTOS #copy tftp://192.168.0.10/dh512.pem nvram:sslpem-dhweak

Mode........................................... TFTP
Set TFTP Server IP............................. 192.168.0.10
TFTP Path......................................
TFTP Filename.................................. dh512.pem
Data Type...................................... SSL DH weak

Management access will be blocked for the duration of the transfer
Are you sure you want to start? (y/n) y

TFTP SSL certificate receive complete... updating certificate file...
Certificate file transfer operation completed successfully

SFTOS #copy tftp://192.168.0.10/dh1024.pem nvram:sslpem-dhstrong

Mode........................................... TFTP
Set TFTP Server IP............................. 192.168.0.10
TFTP Path......................................
TFTP Filename.................................. dh1024.pem
Data Type...................................... SSL DH strong

Management access will be blocked for the duration of the transfer
Are you sure you want to start? (y/n) y

TFTP SSL certificate receive complete... updating certificate file...
Certificate file transfer operation completed successfully

SFTOS #copy tftp://192.168.0.10/server.pem nvram:sslpem-server

Mode........................................... TFTP
Set TFTP Server IP............................. 192.168.0.10
TFTP Path......................................
TFTP Filename.................................. server.pem
Data Type...................................... SSL Server cert

Management access will be blocked for the duration of the transfer
Are you sure you want to start? (y/n) y

TFTP SSL certificate receive complete... updating certificate file...
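
A pre-transfer check for step 2, as an added example (not part of the Dell document and not the script in the ssl directory): it confirms that each .pem file matches the nvram target it is about to be copied to, so the 512-bit and 1024-bit DH files are not swapped. The PEM labels, the expected bit sizes (taken from the file names) and all function names are assumptions; the sample input is constructed.

```python
import base64, re
# nvram targets from the page -> (assumed PEM label, DH prime bits taken from the file name)
TARGETS = {"nvram:sslpem-dhweak": ("DH PARAMETERS", 512),
           "nvram:sslpem-dhstrong": ("DH PARAMETERS", 1024),
           "nvram:sslpem-server": ("CERTIFICATE", None)}
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def pem_blocks(text):
    """Return [(label, der_bytes)] for every PEM block in text."""
    return [(m[1], base64.b64decode("".join(m[2].split()))) for m in PEM_RE.finditer(text)]

def _tlv(der, pos=0):
    """Decode one DER tag-length-value; return (tag, value)."""
    tag, length, pos = der[pos], der[pos + 1], pos + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(der[pos:pos + n], "big"), pos + n
    if pos + length > len(der):
        raise ValueError("truncated DER")
    return tag, der[pos:pos + length]

def dh_prime_bits(der):
    """Bit length of p in DHParameter ::= SEQUENCE { p INTEGER, g INTEGER }."""
    seq_tag, body = _tlv(der)
    int_tag, p = _tlv(body)
    if seq_tag != 0x30 or int_tag != 0x02:
        raise ValueError("not DH parameters")
    return int.from_bytes(p, "big").bit_length()

def check(target, pem_text):
    """Return a list of problems; an empty list means the file fits its target."""
    label, bits = TARGETS[target]
    blocks = pem_blocks(pem_text)
    found = [der for lab, der in blocks if lab == label]
    if not found:
        return [f"{target}: no {label} block, found {[lab for lab, _ in blocks]}"]
    if bits is not None and dh_prime_bits(found[0]) != bits:
        return [f"{target}: DH prime is {dh_prime_bits(found[0])} bits, want {bits}"]
    return []

# Constructed sample input: p has the right size but is a placeholder, not a real prime.
def _enc(tag, val):
    n = len(val)                           # sample lengths stay below 256
    return bytes([tag]) + (bytes([n]) if n < 128 else bytes([0x81, n])) + val
def sample_dh_pem(bits):
    p = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")   # leading 0x00 keeps p positive
    der = _enc(0x30, _enc(0x02, p) + _enc(0x02, b"\x02"))
    return ("-----BEGIN DH PARAMETERS-----\n" + base64.encodebytes(der).decode()
            + "-----END DH PARAMETERS-----\n")
```

Call check() with the text of each real .pem file before running the matching copy command.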