HP 6120G/XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 222
Overview, Client Public Key Authentication Model
View all HP 6120G/XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 222 highlights
Configuring Secure Shell (SSH) Overview Overview Feature Generating a public/private key pair on the switch Using the switch's public key Enabling SSH Enabling client public-key authentication Default No n/a Disabled Disabled Enabling user authentication Disabled Menu CLI Web n/a page 6-10 n/a n/a page 6-13 n/a n/a page 6-15 n/a n/a pages 6-21, n/a 6-24 n/a page 6-20 n/a The switches covered in this guide use Secure Shell version 2 (SSHv2) to provide remote access to management functions on the switches via encrypted paths between the switch and management station clients capable of SSH operation. SSH provides Telnet-like functions but, unlike Telnet, SSH provides encrypted, authenticated transactions. The authentication types include: ■ Client public-key authentication ■ Switch SSH and user password authentication Client Public Key Authentication (Login/Operator Level) with User Password Authentication (Enable/Manager Level). This option uses one or more public keys (from clients) that must be stored on the switch. Only a client with a private key that matches a stored public key can gain access to the switch. (The same private key can be stored on one or more clients.) ProCurve Switch (SSH Server) 1. Switch-to-Client SSH authentication. 2.Client-to-Switch (login rsa) authentication 3.User-to-Switch (enable password) authentication options: - Local - TACACS+ - RADIUS - None Figure 6-1. Client Public Key Authentication Model SSH Client WorkStation 6-2