D-Link DGS-3427 Product Manual - Page 343
Secure Shell (SSH
UPC - 790069283161
View all D-Link DGS-3427 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 343 highlights
xStack® DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch Key File Name SSL Status Cache Timeout (6086400 sec) RSA with RC4 128 MD5 RSA with 3DES EDE CBC SHA Enter the path and the filename of the key file to download. This file must have a .der extension (Ex. c:/pkey.der) Configuration Use the pull-down menu to enable or disable the SSL status on the switch. The default is Disabled. This field will set the time between a new key exchange between a client and a host using the SSL function. A new SSL session is established every time the client and host go through a key exchange. Specifying a longer timeout will allow the SSL session to reuse the master key on future connections with that particular host, therefore speeding up the negotiation process. The default setting is 600 seconds. Ciphersuite This ciphersuite combines the RSA key exchange, stream cipher RC4 encryption with 128bit keys and the MD5 Hash Algorithm. Use the pull-down menu to enable or disable this ciphersuite. This field is Enabled by default. This ciphersuite combines the RSA key exchange, CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm. Use the pull-down menu to enable or disable this ciphersuite. This field is Enabled by default. DHE DSS with 3DES EDE This ciphersuite combines the DSA Diffie Hellman key exchange, CBC Block Cipher CBC SHA 3DES_EDE encryption and SHA Hash Algorithm. Use the pull-down menu to enable or disable this ciphersuite. This field is Enabled by default. RSA EXPORT with RC4 40 MD5 This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption with 40-bit keys. Use the pull-down menu to enable or disable this ciphersuite. This field is Enabled by default. Click Apply to implement the changes. NOTE: Certain implementations concerning the function and configuration of SSL are not available on the Web-based management of this Switch and need to be configured using the command line interface. NOTE: Enabling the SSL command will disable the web-based switch management. To log on to the Switch again, the header of the URL must begin with https://. Entering anything else into the address field of the Web browser will result in an error and no authentication will be granted. Secure Shell (SSH) SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts. SSH, with its array of unmatched security features is an essential tool in today's networking environment. It is a powerful guardian against numerous existing security hazards that now threaten network communications. The steps required to use the SSH protocol for secure communication between a remote PC (the SSH client) and the Switch (the SSH server) are as follows: 1. Create a user account with admin-level access using the User Accounts window in the Security Management folder. This is identical to creating any other admin-level User Account on the Switch, including specifying a password. This password is used to logon to the Switch, once a secure communication path has been established using the SSH protocol. 2. Configure the User Account to use a specified authorization method to identify users that are allowed to establish SSH connections with the Switch using the SSH User Authentication window. There are three choices as to the method SSH will use to authorize the user, which are Host Based, Password and Public Key. 334