Home » Lantronix Manuals » Electronics Accessories » Lantronix EDS8PR » Manual Viewer

Lantronix EDS8PR EDS - User Guide - Page 103

SSL Settings, SSL Cipher Suites

Add to My Manuals
Save this manual to your list of manuals

Page 103 highlights

12: Security Settings SSL Settings Secure Sockets Layer (SSL) is a protocol for managing the security of data transmission over the Internet. It provides encryption, authentication, and message integrity services. SSL is widely used for secure communication to a web server. Certificate/Private key combinations can be obtained from an external Certificate Authority (CA) and downloaded into the unit. Self-signed certificates with associated private key can be generated by the device server itself. For more information regarding Certificates and how to obtain them, see SSL Certificates and Private Keys (on page 104). SSL uses digital certificates for authentication and cryptography against eavesdropping and tampering. Sometimes only the server is authenticated, sometimes both server and client. The EDS can be server and/or client, depending on the application. Public key encryption systems exchange information and keys and set up the encrypted tunnel. Efficient symmetric encryption methods encrypt the data going through the tunnel after it is established. Hashing provides tamper detection. Applications that can make use of SSL are Tunneling, Secure Web Server, and WLAN interface. The EDS supports SSlv3 and its successors, TLS1.0 and TLS1.1. Note: An incoming SSlv2 connection attempt is answered with an SSlv3 response. If the initiator also supports SSLv3, SSLv3 handles the rest of the connection. SSL Cipher Suites The SSL standard defines only certain combinations of certificate type, key exchange method, symmetric encryption, and hash method. Such a combination is called a cipher suite. Supported cipher suites include the following: Table 12-13 Supported Cipher Suites Certificate Key Exchange Encryption Hash DSA RSA RSA RSA RSA RSA RSA RSA DHE RSA RSA RSA RSA 1024 bits RSA 1024 bits RSA 1024 bits RSA 3DES 128 bits AES Triple DES 128 bits RC4 128 bits RC4 56 bits RC4 56 bits RC4 40 bits RC4 SHA1 SHA1 SHA1 MD5 SHA1 MD5 SHA1 MD5 Whichever side is acting as server decides which cipher suite to use for a connection. It is usually the strongest common denominator of the cipher suite lists supported by both sides. EDS User Guide 103

Section	Page
EDS Device Servers/Terminal Servers User Guide	1
Copyright & Trademark	2
Warranty	2
Contacts	2
Disclaimer	2
Revision History	3
Table of Contents	4
List of Figures	10
List of Tables	12
1: About This Guide	14
Chapter and Appendix Summaries	14
Additional Documentation	15
2: Introduction	16
EDS8PS and EDS16PS Overview	17
Features	17
EDS4100 Overview	18
Features	18
EDS8PR, EDS16PR, and EDS32PR Overview	19
Features	19
Applications	20
Protocol Support	20
Evolution OS™	20
Additional Features	21
Modem Emulation	21
Web-Based Configuration and Troubleshooting	21
Command-Line Interface (CLI)	21
VIP Access	21
SNMP Management	21
XML-Based Architecture and Device Control	21
Really Simple Syndication (RSS)	21
Enterprise-Grade Security	21
Terminal Server/Device Management	22
Troubleshooting Capabilities	22
Configuration Methods	22
Addresses and Port Numbers	23
Hardware Address	23
IP Address	23
Port Numbers	23
Product Information Label	24
3: Installation of EDS8PS and EDS16PS	25
Package Contents	25
User-Supplied Items	25
Identifying Hardware Components	26
Serial Ports	26
Console Port	26
Ethernet Port	27
LEDs	27
Reset Button	27
Reboot the device:	27
Restore factory defaults:	28
Installing the EDS8/16PS	28
Finding a Suitable Location	28
Connecting the EDS8/16PS	28
Connect the EDS8/16PS to one or more serial devices.	28
4: Installation of EDS4100	30
Package Contents	30
User-Supplied Items	30
Identifying Hardware Components	30
Serial Ports	31
Ethernet Port	32
Terminal Block Connector	33
LEDs	33
Reset Button	33
Physically Installing the EDS4100	34
Finding a Suitable Location	34
Connecting the EDS4100	34
Connect the EDS4100 to one or more serial devices.	34
5: Installation of EDS8PR, EDS16PR and EDS32PR	36
Package Contents	36
User-Supplied Items	36
Identifying Hardware Components	37
Serial Ports	37
Console Port	37
Ethernet Port	38
LEDs	38
Reset Button	39
Installing the EDS8/16/32PR	39
Finding a Suitable Location	39
Connecting the EDS8/16/32PR	39
6: Using DeviceInstaller	41
Accessing EDS Using DeviceInstaller	41
Device Details Summary	41
7: Configuration Using Web Manager	43
Accessing Web Manager	43
Device Status Page	44
Web Manager Page Components	45
Navigating the Web Manager	46
8: Network Settings	48
Network 1 (eth0) Interface Status	48
Network 1 (eth0) Interface Configuration	49
Network 1 Ethernet Link	51
9: Line and Tunnel Settings	52
Line Settings	52
Line Statistics	52
Line Configuration	53
Line Command Mode	55
Tunnel Settings	56
Tunnel – Statistics	57
Tunnel – Serial Settings	59
Tunnel – Packing Mode	60
Tunnel – Accept Mode	63
Tunnel – Connect Mode	66
Connecting Multiple Hosts	70
Host List Promotion	70
Tunnel – Disconnect Mode	71
Tunnel – Modem Emulation	72
10: Terminal and Host Settings	75
Terminal Settings	75
Line Terminal Configuration	75
Network Terminal Configuration	77
Host Configuration	78
11: Service Settings	79
DNS Settings	79
SNMP Settings	80
FTP Settings	81
TFTP Settings	83
Syslog Settings	84
HTTP Settings	85
HTTP Statistics	85
HTTP Configuration	86
HTTP Authentication	88
RSS Settings	89
LPD Settings	90
LPD Statistics	90
LPD Configuration	91
12: Security Settings	93
SSH Settings	93
SSH Server Host Keys	94
SSH Server Authorized Users	98
SSH Client Known Hosts	100
SSH Client Users	101
SSL Settings	103
SSL Cipher Suites	103
SSL Certificates	104
SSL RSA or DSA	104
SSL Certificates and Private Keys	104
SSL Utilities	105
OpenSSL	105
Steel Belted RADIUS	105
Free RADIUS	105
SSL Configuration	106
13: Modbus	109
Serial Transmission Mode	109
Modbus Statistics	110
Modbus Configuration	111
14: Maintenance and Diagnostics Settings	112
Filesystem Settings	112
Filesystem Statistics	112
Filesystem Browser	113
Protocol Stack Settings	115
TCP Settings	115
IP Settings	116
ICMP Settings	116
ARP Settings	118
SMTP Settings	119
IP Address Filter	120
Query Port	121
Diagnostics	122
Hardware	122
MIB-II Statistics	123
IP Sockets	124
Ping	124
Traceroute	126
Log	127
Memory	129
Buffer Pools	129
Processes	130
Real Time Clock	132
System Settings	132
15: Advanced Settings	134
Email Settings	134
Email Statistics	134
Email Configuration	135
Command Line Interface Settings	137
CLI Statistics	137
CLI Configuration	137
XML Settings	139
XML: Export Configuration	140
XML: Export Status	141
XML: Import Configuration	142
Import Configuration from External File	142
Import Configuration from the Filesystem	143
Import Line(s) from Single Line Settings on the Filesystem	145
16: VIP Settings	147
Obtaining a Bootstrap File	147
Importing the Bootstrap File	147
Enabling VIP	148
Configuring Tunnels to Use VIP	148
Virtual IP (VIP) Statistics	148
Virtual IP (VIP) Counters	149
Virtual IP (VIP) Configuration	149
17: Branding the EDS	150
Web Manager Customization	150
Short and Long Name Customization	150
18: Updating Firmware	151
Obtaining Firmware	151
Loading New Firmware	151
Appendix A - Technical Support	152
Technical Support US	152
Technical Support Europe, Middle East, Africa	152
Appendix B - Binary to Hexadecimal Conversions	153
Converting Binary to Hexadecimal	153
Conversion Table	153
Scientific Calculator	154
Appendix C - Compliance	155
Lithium Battery Notice	156
Installationsanweisungen	156
Rackmontage	156
Energiezufuhr	157
Erdung	157
Installation Instructions	157
Rack Mounting	157
Input Supply	157
Grounding	157
Appendix D - Lantronix Cables and Adapters	158
Index	159

Match case Limit results 1 per page

12: Security Settings

EDS User Guide

103

SSL Settings

Secure Sockets Layer (SSL) is a protocol for managing the security of data transmission over the

Internet. It provides encryption, authentication, and message integrity services. SSL is widely used

for secure communication to a web server.

Certificate/Private key combinations can be obtained from an external Certificate Authority (CA)

and downloaded into the unit.

Self-signed certificates with associated private key can be

generated by the device server itself.

For more information regarding Certificates and how to obtain them, see

SSL Certificates and

Private Keys (on page 104)

SSL uses digital certificates for authentication and cryptography against eavesdropping and

tampering. Sometimes only the server is authenticated, sometimes both server and client. The

EDS can be server and/or client, depending on the application. Public key encryption systems

exchange information and keys and set up the encrypted tunnel.

Efficient symmetric encryption methods encrypt the data going through the tunnel after it is

established. Hashing provides tamper detection.

Applications that can make use of SSL are Tunneling, Secure Web Server, and WLAN interface.

The EDS supports SSlv3 and its successors, TLS1.0 and TLS1.1.

Note:

An incoming SSlv2 connection attempt is answered with an SSlv3 response. If the

initiator also supports SSLv3, SSLv3 handles the rest of the connection.

SSL Cipher Suites

The SSL standard defines only certain combinations of certificate type, key exchange method,

symmetric encryption, and hash method. Such a combination is called a cipher suite. Supported

cipher suites include the following:

Whichever side is acting as server decides which cipher suite to use for a connection. It is usually

the strongest common denominator of the cipher suite lists supported by both sides.

Table 12-13

Supported Cipher Suites

Certificate

Key Exchange

Encryption

Hash

DSA

DHE

3DES

SHA1

RSA

128 bits AES

SHA1

RSA

Triple DES

SHA1

RSA

128 bits RC4

MD5

RSA

128 bits RC4

SHA1

RSA

1024 bits RSA

56 bits RC4

MD5

RSA

1024 bits RSA

56 bits RC4

SHA1

RSA

1024 bits RSA

40 bits RC4

MD5