User's guide
AlterPath OnSite Administrator's and User's Guide
consolidation, SRM substantially lowers the cost and complexity of deploying
service processors. SRM also lowers the security risks of using service
processors by providing centralized authentication and user access control,
isolating vulnerable service processor protocols from the production network
and communicating with authenticated and authorized users over the public
network using higher-end secure protocols (such as SSH, SSL, and HTTPS).
SSH
Secure shell, developed by SSH Communications Security, Ltd., is a
UNIX-based shell and protocol that provides strong authentication and secure
communications over unsecured channels. Unlike telnet, ftp, and the
rcp/rsh/remsh programs, SSH encrypts everything it sends over the
network. Many Cyclades products support SSH version 1 and SSH version 2.
Since SSH1 and SSH2 are entirely different, incompatible protocols, it is
important, when given a choice between enabling one or the other of the two
SSH versions, to enable the version that is available on the computer being
used to access the Cyclades equipment. The OpenSSH
(www.openssh.org) package is used on the AlterPath OnSite. The OnSite
uses the OpenSSH version that is certified by the Cryptographic Module
Validation (CMV) program run by the U.S. National Institute of Standards
(NIST) and the Canadian government's Communications Security
Establishment (CSE). Authorized users on the AlterPath OnSite can enter an
OnSite-specific set of commands such as poweron, poweroff, powercycle
when using ssh on the command line to perform service processor
management actions.
SSL (secure sockets layer)
A protocol for transmitting private documents via the Internet. The term is
also used for the type of connection over which the information is
transmitted. Uses two keys to encrypt data being transferred: a public key
and a private or secret key known only to the message receiver. See also
HTTP/HTTPS.
system event log (See event log)
TACACS+ (Terminal Access Controller Access Control System)
An authentication protocol (pronounced tak-ak-plus) that provides separate
authentication, authorization, and accounting services. Based on TACACS,
but completely incompatible with it. Uses the TCP protocol, which is seen by