Web Management Guide-R03
Table Of Contents
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Web Configuration
- Basic Management Tasks
- Displaying System Information
- Displaying Hardware/Software Versions
- Configuring Support for Jumbo Frames
- Displaying Bridge Extension Capabilities
- Managing System Files
- Setting the System Clock
- Configuring the Console Port
- Configuring Telnet Settings
- Displaying CPU Utilization
- Displaying Memory Utilization
- Resetting the System
- Interface Configuration
- VLAN Configuration
- Address Table Settings
- Spanning Tree Algorithm
- Congestion Control
- Class of Service
- Quality of Service
- VoIP Traffic Configuration
- Security Measures
- AAA Authorization and Accounting
- Configuring User Accounts
- Web Authentication
- Network Access (MAC Address Authentication)
- Configuring HTTPS
- Configuring the Secure Shell
- Access Control Lists
- Setting A Time Range
- Showing TCAM Utilization
- Setting the ACL Name and Type
- Configuring a Standard IPv4 ACL
- Configuring an Extended IPv4 ACL
- Configuring a Standard IPv6 ACL
- Configuring an Extended IPv6 ACL
- Configuring a MAC ACL
- Configuring an ARP ACL
- Binding a Port to an Access Control List
- Configuring ACL Mirroring
- Showing ACL Hardware Counters
- ARP Inspection
- Filtering IP Addresses for Management Access
- Configuring Port Security
- Configuring 802.1X Port Authentication
- DoS Protection
- IP Source Guard
- DHCP Snooping
- Basic Administration Protocols
- Configuring Event Logging
- Link Layer Discovery Protocol
- Power over Ethernet
- Simple Network Management Protocol
- Configuring Global Settings for SNMP
- Setting the Local Engine ID
- Specifying a Remote Engine ID
- Setting SNMPv3 Views
- Configuring SNMPv3 Groups
- Setting Community Access Strings
- Configuring Local SNMPv3 Users
- Configuring Remote SNMPv3 Users
- Specifying Trap Managers
- Creating SNMP Notification Logs
- Showing SNMP Statistics
- Remote Monitoring
- Switch Clustering
- IP Configuration
- IP Services
- Multicast Filtering
- Overview
- Layer 2 IGMP (Snooping and Query)
- Configuring IGMP Snooping and Query Parameters
- Specifying Static Interfaces for a Multicast Router
- Assigning Interfaces to Multicast Services
- Setting IGMP Snooping Status per Interface
- Filtering Multicast Data at Interfaces
- Displaying Multicast Groups Discovered by IGMP Snooping
- Displaying IGMP Snooping Statistics
- Filtering and Throttling IGMP Groups
- MLD Snooping (Snooping and Query for IPv6)
- Multicast VLAN Registration
- Basic Management Tasks
- Appendices
- Glossary
- Index
Chapter 12
| Security Measures
Configuring the Secure Shell
– 285 –
d. When the server receives this message, it checks whether the supplied
key is acceptable for authentication, and if so, it then checks whether
the signature is correct. If both checks succeed, the client is
authenticated.
Note:
The SSH server supports up to four client sessions. The maximum number of
client sessions includes both current Telnet sessions and SSH sessions.
Note:
The SSH server can be accessed using any configured IPv4 or IPv6 interface
address on the switch.
Configuring the SSH
Server
Use the Security > SSH (Configure Global) page to enable the SSH server and
configure basic settings for authentication.
Note:
A host key pair must be configured on the switch before you can enable the
SSH server. See “Generating the Host Key Pair” on page 286.
Parameters
These parameters are displayed:
◆ SSH Server Status – Allows you to enable/disable the SSH server on the switch.
(Default: Disabled)
◆ Version – The Secure Shell version number. Version 2.0 is displayed, but the
switch supports management access via either SSH Version 1.5 or 2.0 clients.
◆ Authentication Timeout – Specifies the time interval in seconds that the SSH
server waits for a response from a client during an authentication attempt.
(Range: 1-120 seconds; Default: 120 seconds)
◆ Authentication Retries – Specifies the number of authentication attempts
that a client is allowed before authentication fails and the client has to restart
the authentication process. (Range: 1-5 times; Default: 3)
◆ Server-Key Size – Specifies the SSH server key size.
(Range: 512-896 bits; Default:768)
■
The server key is a private key that is never shared outside the switch.
■
The host key is shared with the SSH client, and is fixed at 1024 bits.
Web Interface
To configure the SSH server:
1. Click Security, SSH.
2. Select Configure Global from the Step list.