User guide
3-8 E
XTREME
W
ARE
S
OFTWARE
U
SER
G
UIDE
M
ANAGING
THE
S
WITCH
To enable SSH2, use the following command:
enable ssh2 {access-profile [<access_profile> | none]} {port
<tcp_port_number>}
An authentication key must be generated for each SSH2 session. This can be done
automatically by the switch or by the client application. To have the key generated by
the switch, use the following command:
config ssh2 key {pregenerated}
If you do not select automatic key generation, you are prompted to enter the key when
you enable SSH2.
You can specify a list of pre-defined clients that are allowed SSH2 access to the switch.
To do this, you must create an access profile that contains a list of allowed IP addresses.
For more information on creating access profiles, refer to Chapter 16.
You can also specify a TCP port number to be used for SSH2 communication. By default
the TCP port number is 22.
The supported cipher is 3DES-CBC. The supported key exchange is DSA.
For additional information on the SSH protocol refer to [FIPS-186] Federal Information
Processing Standards Publication (FIPSPUB) 186, Digital Signature Standard, 18 May
1994. This can be download from: ftp://ftp.cs.hut.fi/pub/ssh. General technical
information is also available from http://www.ssh.fi.
After you obtain the SSH2 key value, copy the key to the SSH2 client application. Also,
ensure that the client is configured for any non-default access list or TCP port
information that you have configured on the switch. Once these tasks are accomplished,
you may form an SSH2-encrypted session with the switch.
U
SING
E
XTREME
W
ARE
V
ISTA
ExtremeWare Vista is device-management software running in the switch that enables
you to access the switch over a TCP/IP network using a standard Web browser. Any
properly configured standard Web browser that supports frames (such as Netscape
Navigator 3.0 or above, or Microsoft Internet Explorer 3.0 or above) can manage the
switch over a TCP/IP network.