Home » Lantronix Manuals » Electronics Accessories » Lantronix EDS1100 » Manual Viewer

Lantronix EDS1100 EDS1100 / EDS2100 - User Guide - Page 84

: Security Settings, SSH Settings

Add to My Manuals
Save this manual to your list of manuals

Page 84 highlights

11: Security Settings The EDS1100/2100 device supports Secure Shell (SSH) and Secure Sockets Layer (SSL). SSH is a network protocol for securely accessing a remote device. SSH provides a secure, encrypted communication channel between two hosts over a network. It provides authentication and message integrity services. Secure Sockets Layer (SSL) is a protocol that manages data transmission security over the Internet. It uses digital certificates for authentication and cryptography against eavesdropping and tampering. It provides encryption and message integrity services. SSL is widely used for secure communication to a web server. SSL uses certificates and private keys. Note: The EDS1100/2100 supports SSLv3 and its successors, TLS1.0 and TLS1.1. An incoming SSlv2 connection attempt is answered with an SSlv3 response. If the initiator also supports SSLv3, SSLv3 handles the rest of the connection. This chapter contains the following sections:  SSH Server Host Keys  SSH Server Authorized Users  SSH Client Known Hosts  SSH Client User  SSL Cipher Suites  SSL Certificates  SSL RSA or DSA  SSL Certificates and Private Keys  SSL Utilities  SSL Configuration SSH Settings SSH is a network protocol for securely accessing a remote device over an encrypted channel. This protocol manages the security of internet data transmission between two hosts over a network by providing encryption, authentication, and message integrity services. Two instances require configuration: when the EDS1100/2100 is the SSH server and when it is an SSH client. The SSH server is used by the CLI (Command Mode) and for tunneling in Accept Mode. The SSH client is for tunneling in Connect Mode. To configure the EDS1100/2100 as an SSH server, there are two requirements:  Defined host keys: both private and public keys are required. These keys are used for the Diffie-Hellman key exchange (used for the underlying encryption protocol).  Defined users: these users are permitted to connect to the EDS1100/2100 SSH server. This page has four links at the top for viewing and changing SSH server host keys, SSH server authorized keys, SSH client known hosts, and SSH client users. EDS1100/2100 User Guide 84

Section	Page
EDS1100/2100 User Guide	1
Copyright & Trademark	2
Warranty	2
Contacts	2
Disclaimer	2
Revision History	3
Table of Contents	4
List of Figures	9
List of Tables	11
1: About This Guide	13
Chapter and Appendix Summaries	13
Additional Documentation	14
2: Introduction	15
Key Features	15
Applications	15
Protocol Support	16
Evolution OS™	16
Additional Features	16
Modem Emulation	16
Web-Based Configuration and Troubleshooting	16
Command-Line Interface (CLI)	17
VIP Access	17
SNMP Management	17
XML-Based Architecture and Device Control	17
Really Simple Syndication (RSS)	17
Enterprise-Grade Security	17
Terminal Server/Device Management	18
Troubleshooting Capabilities	18
Configuration Methods	18
Addresses and Port Numbers	19
Hardware Address	19
IP Address	19
Port Numbers	19
Product Information Label	19
3: Installation of EDS1100	21
Package Contents	21
User-Supplied Items	21
Hardware Components	22
Back Panel	23
Reset Button	23
Top LEDs	24
Installing the EDS1100	24
4: Installation of EDS2100	26
Package Contents	26
User-Supplied Items	26
Hardware Components	26
Back Panel	28
Reset Button	28
Top LEDs	28
Installing the EDS2100	29
5: Using DeviceInstaller	31
Accessing EDS1100/2100 Using DeviceInstaller	31
Device Details Summary	31
6: Configuration Using Web Manager	33
Accessing Web Manager	33
Device Status Page	34
Web Manager Page Components	35
Navigating the Web Manager	36
7: Network Settings	38
Network 1 (eth0) Interface Status	38
Network 1 (eth0) Interface Configuration	39
Network 1 Ethernet Link	41
8: Line and Tunnel Settings	42
Line Settings	42
Line Statistics	42
Line Configuration	43
Line Command Mode	45
Tunnel Settings	46
Tunnel – Statistics	47
Tunnel – Serial Settings	49
Tunnel – Packing Mode	50
Tunnel – Accept Mode	53
Tunnel – Connect Mode	56
Connecting Multiple Hosts	60
Host List Promotion	60
Tunnel – Disconnect Mode	61
Tunnel – Modem Emulation	62
9: Terminal and Host Settings	65
Terminal Settings	65
Line Terminal Configuration	65
Network Terminal Configuration	67
Host Configuration	68
10: Service Settings	69
DNS Settings	69
PPP Settings	70
SNMP Settings	72
FTP Settings	73
TFTP Settings	74
Syslog Settings	75
HTTP Settings	76
HTTP Statistics	76
HTTP Configuration	77
HTTP Authentication	79
RSS Settings	80
LPD Settings	81
LPD Statistics	81
LPD Configuration	82
11: Security Settings	84
SSH Settings	84
SSH Server Host Keys	85
SSH Server Authorized Users	86
SSH Client Known Hosts	88
SSH Client User	89
SSL Settings	91
SSL Cipher Suites	91
SSL Certificates	92
SSL RSA or DSA	92
SSL Certificates and Private Keys	92
SSL Utilities	93
OpenSSL	93
Steel Belted Radius	93
FreeRadius	93
SSL Configuration	94
12: Modbus	97
Serial Transmission Mode	97
Modbus Statistics	98
Modbus Configuration	99
13: Maintenance and Diagnostics Settings	100
Filesystem Settings	100
Filesystem Statistics	100
Filesystem Browser	101
Protocol Stack Settings	104
TCP Settings	104
IP Settings	105
ICMP Settings	105
ARP Settings	107
SMTP Settings	108
IP Address Filter	109
Query Port	110
Diagnostics	111
Hardware	111
MIB-II Statistics	112
IP Sockets	113
Ping	113
Traceroute	115
Log	116
Memory	118
Buffer Pools	118
Processes	119
System Settings	121
14: Advanced Settings	123
Email Settings	123
Email Statistics	123
Email Configuration	124
Command Line Interface Settings	126
CLI Statistics	126
CLI Configuration	126
XML Settings	128
XML: Export Configuration	128
XML: Export Status	130
XML: Import Configuration	131
Import Configuration from External File	132
Import Configuration from the Filesystem	133
Import Line(s) from Single Line Settings on the Filesystem	135
15: VIP Settings	137
Obtaining a Bootstrap File	137
Importing the Bootstrap File	137
Enabling VIP	138
Configuring Tunnels to Use VIP	138
Virtual IP (VIP) Statistics	138
Virtual IP (VIP) Counters	139
Virtual IP (VIP) Configuration	139
16: Branding the EDS1100/2100	140
Web Manager Customization	140
Short and Long Name Customization	140
17: Updating Firmware	142
Obtaining Firmware	142
Loading New Firmware	142
Appendix - Technical Support	143
Technical Support US	143
Technical Support Europe, Middle East, Africa	143
Appendix - Binary to Hexadecimal Conversions	144
Converting Binary to Hexadecimal	144
Conversion Table	144
Scientific Calculator	145
Appendix - Compliance	146
Index	148

Match case Limit results 1 per page

EDS1100/2100 User Guide

11:

Security Settings

The EDS1100/2100 device supports Secure Shell (SSH) and Secure Sockets Layer (SSL). SSH is

a network protocol for securely accessing a remote device. SSH provides a secure, encrypted

communication channel between two hosts over a network. It provides authentication and

message integrity services.

Secure Sockets Layer (SSL) is a protocol that manages data transmission security over the

Internet. It uses digital certificates for authentication and cryptography against eavesdropping and

tampering. It provides encryption and message integrity services. SSL is widely used for secure

communication to a web server. SSL uses certificates and private keys.

Note:

The EDS1100/2100 supports SSLv3 and its successors, TLS1.0 and TLS1.1. An

incoming SSlv2 connection attempt is answered with an SSlv3 response. If the initiator

also supports SSLv3, SSLv3 handles the rest of the connection.

This chapter contains the following sections:



SSH Server Host Keys



SSH Server Authorized Users



SSH Client Known Hosts



SSH Client User



SSL Cipher Suites



SSL Certificates



SSL RSA or DSA



SSL Certificates and Private Keys



SSL Utilities



SSL Configuration

SSH Settings

SSH is a network protocol for securely accessing a remote device over an encrypted channel. This

protocol manages the security of internet data transmission between two hosts over a network by

providing encryption, authentication, and message integrity services.

Two instances require configuration: when the EDS1100/2100 is the SSH server and when it is an

SSH client. The SSH server is used by the CLI (Command Mode) and for tunneling in Accept

Mode. The SSH client is for tunneling in Connect Mode.

To configure the EDS1100/2100 as an SSH server, there are two requirements:



Defined host keys:

both private and public keys are required. These keys are used for the

Diffie-Hellman key exchange (used for the underlying encryption protocol).



Defined users:

these users are permitted to connect to the EDS1100/2100 SSH server.

This page has four links at the top for viewing and changing SSH server host keys, SSH server

authorized keys, SSH client known hosts, and SSH client users.