Tripp Lite B0930082E4UV Owners Manual for B093- B097- and B098-Series Console - Page 251

15. Advanced Configuration To set the SNMP Manager v3 Security Level field: config --set="config.system.snmp.seclevel3=noAuthNoPriv" or config --set="config.system.snmp.seclevel3=authNoPriv" or config --set="config.system.snmp.seclevel3=authPriv" To set the SNMP Manager v3 Username field: config --set="config.system.snmp.username3=username" To set the SNMP Manager v3 Auth. Protocol and password fields: config -set="config.system.snmp.authprotocol3=SHA" or config --set="config.system.snmp.authprotocol3=MD5" config --set="config.system.snmp.authpassword3=password 1" To set the SNMP Manager v3 Privacy Protocol and password fields: config -set="config.system.snmp.privprotocol3=AES" or config -set="config.system.snmp.privprotocol3=DES" config --set="config.system.snmp.privpassword3=password 2" Once the fields are set, apply the configuration with the following command: config --run snmp You can add a third or more SNMP servers by incrementing the "2" in the above commands (e.g., config.system.snmp. protocol3, config.system.snmp.address3, etc.). 15.6 Secure Shell (SSH) Public Key Authentication This section covers the generation of public and private keys in a Linux and Windows environment and configuring SSH for public key authentication. The steps to use in a clustering environment are: • Generate a new public and private key pair. • Upload the keys to the primary device and to each secondary console server. • Fingerprint each connection to validate. 15.6.1 SSH Overview Popular TCP/IP applications such as telnet, rlogin, ftp and others transmit their passwords unencrypted. Doing this across pubic networks like the Internet can have catastrophic consequences, as it allows an opening for eavesdropping, connection hijacking, and other network-level attacks. Secure Shell (SSH) is a program used to log into another computer over a network, execute commands in a remote machine and move files from one machine to another. It provides strong authentication and secure communications over insecure channels. OpenSSH, the de facto open source SSH application, encrypts all traffic (including passwords) to effectively eliminate these risks. Additionally, OpenSSH provides myriad secure tunneling capabilities, as well as a variety of authentication methods. OpenSSH is the port of OpenBSD's excellent OpenSSH[0] to Linux and other versions of UNIX. OpenSSH is based on the last free version of Tatu Ylonen's sample implementation, with all patent-encumbered algorithms removed (to external libraries), all known security bugs fixed, new features reintroduced and many other fixes. The only changes in the Tripp Lite SSH implementation are: • PAM support. • EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are absent from other versions of UNIX. • The config files are now in /etc/config. e.g. o /etc/config/sshd_config instead of /etc/sshd_config o /etc/config/ssh_config instead of /etc/ssh_config o /etc/config/users//.ssh / instead of /home//.ssh/ 251