User`s guide
231
When checked, this checkbox enables the router to accept traffic on ports other than 23.
This functionality is for use with SSH client applications (such as PuTTY) that has port
forwarding capability. For example, one the SSH connection is active, traffic for the HTTP
port 80 can be sent to the router securely.
Command Session IP Address a.b.c.d Port p
The values in these two text boxes are used to specify the host IP address and port number
that the router will use to handle incoming requests for a command session from SSH
clients. This is instead of the router’s normal command interpreter. For example, if the
values are IP address 127.0.0.1, port 4000, the SSH client will make a direct connection to
ASY 0 and the device attached to ASY 0 will receive and process the commands from the
SSH client.
Enable support for SSH v1.5
When checked, this checkbox allows the server to negotiate SSH V1.5. The router must also
have a SSH V1 key present and the filename entered into the SSG configuration.
Server key size
This option applies to V1 SSH. During initialisation of an SSH session, the server sends its
host key and a server key (which should be of a different size to the host key). The router
generates this key automatically but the length of the server key is determined by this
parameter. If when this value is set it is too similar to the length of the host key, the router
will automatically adjust the selected value so that the key sizes are significantly different.
Enable support for SSH v2.0
When checked, this checkbox allows the server to negotiate SSH V2. The router must also
have a SSH V2 key present and the filename entered into the SSG configuration.
Actively start key exchange
This option applies to V2 SSH. Some SSH clients wait for the server to initiate the key
exchange process when a new SSH session is started unless they have data to send to the
server, in which case they will initiate the key exchange themselves. When checked, this
checkbox will cause the router to automatically initiate a key exchange without waiting for
the client.
Rekey Never/After n units of data have been transferred
With SSH V2 it is possible to negotiate new encryption keys after the current ones have
been used to encrypt a specified amount of data. The radio buttons select whether this
feature should be used. If this feature is to be used the amount of data is entered into the
text box and the applicable units (Kbytes, Mbytes, Gbytes) selected from the drop-down list.
Encryption Preferences
The following four configuration options allocate preferences to the encryption method that
should be used to encrypt data on the link. A lower value indicates greater preference apart
from zero which disables the option.
3DES
The value in this text box is the preference level for the Triple-DES algorithm.
AES (128 bits)
The value in this text box is the preference level for the 128-bit AES algorithm.
AES (192 bits)
The value in this text box is the preference level for the AES algorithm using 192 bits.
AES (256 bits)
The value in this text box is the preference level for the AES algorithm using 256 bits.
Authentication Preferences