HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 283
Configuring Key Lengths, 3. Providing the Switch’s Public Key to Clients
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 283 highlights
Notes Configuring Secure Shell (SSH) Configuring the Switch for SSH Operation "Zeroizing" the switch's key automatically disables SSH (sets ip ssh to no). Thus, if you zeroize the key and then generate a new key, you must also reenable SSH with the ip ssh command before the switch can resume SSH operation. Configuring Key Lengths The crypto key generate ssh command allows you to specify the type and length of the generated host key. The size of the host key is platform-dependent as different switches have different amounts of processing power. The size is represented by the parameter and has the values shown in Table 7-2. The default value is used if keysize is not specified. Table 7-2. RSA/DSA Values Platform 2610 Maximum RSA Key Size (in bits) 3072 Default: 1024 DSA Key Size (in bits) 1024 Bit Size 3. Providing the Switch's Public Key to Clients When an SSH client contacts the switch for the first time, the client will challenge the connection unless you have already copied the key into the client's "known host" file. Copying the switch's key in this way reduces the chance that an unauthorized device can pose as the switch to learn your access passwords. The most secure way to acquire the switch's public key for distribution to clients is to use a direct, serial connection between the switch and a management device (laptop, PC, or UNIX workstation), as described below. The public key generated by the switch consists of three parts, separated by one blank space each: Exponent Modulus 896 35 427199470766077426366625060579924214851527933248752021855126493 2934075407047828604329304580321402733049991670046707698543529734853020 0176777055355544556880992231580238056056245444224389955500310200336191 3610469786020092436232649374294060627777506601747146563337525446401 Figure 7-6. Example of a Public Key Generated by the Switch 7-13