Quick Reference Guide

PowerConnect B-Series TI24X Configuration Guide 915
53-1002269-02
Configuring SSH2
27
To hide the public keys in the running configuration file, enter the following command.
PowerConnect# ssh no-show-host-keys
Syntax: ssh no-show-host-keys
Providing the public key to clients
If you are using SSH to connect to a device from a UNIX system, you may need to add the public key
on the device to a “known hosts” file; for example, $HOME/.ssh/known_hosts. The following is an
example of an entry in a known hosts file.
Configuring DSA challenge-response authentication
With DSA challenge-response authentication, a collection of clients’ public keys is stored on the
device. Clients are authenticated using these stored public keys. Only clients that have a private
key that corresponds to one of the stored public keys can gain access to the device using SSH.
When DSA challenge-response authentication is enabled, the following events occur when a client
attempts to gain access to the device using SSH.
1. The client sends its public key to the device.
2. The device compares the client public key to those stored in memory.
3. If there is a match, the device uses the public key to encrypt a random sequence of bytes.
4. The device sends these encrypted bytes to the client.
5. The client uses its private key to decrypt the bytes.
6. The client sends the decrypted bytes back to the device.
7. The device compares the decrypted bytes to the original bytes it sent to the client. If the two
sets of bytes match, it means that the client private key corresponds to an authorized public
key, and the client is authenticated.
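The seven steps above, as an added Python sketch that is not from this guide or from the device software. DSA is a signature algorithm, so here the client proves possession of its private key by signing the device's random bytes, which stands in for the encrypt/decrypt round trip in the steps. The Device class, the function names and the toy domain parameters are assumptions made for the illustration; the parameters are far too small for real keys.

```python
import hashlib, secrets

Q = 2**127 - 1  # toy subgroup order (a Mersenne prime); constructed, far too small for real DSA

def _params():
    # Find P = k*Q + 1 that passes a Fermat test (enough for a demo) and a generator of order Q.
    k = 2
    while not all(pow(a, k * Q, k * Q + 1) == 1 for a in (2, 3, 5, 7)):
        k += 2
    p = k * Q + 1
    return p, pow(2, (p - 1) // Q, p)

P, G = _params()

def _digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def keygen():
    x = secrets.randbelow(Q - 1) + 1          # private key, stays on the client
    return x, pow(G, x, P)                    # (private, public)

def sign(x, msg):
    while True:
        k = secrets.randbelow(Q - 1) + 1      # fresh secret for every signature
        r = pow(G, k, P) % Q
        s = pow(k, -1, Q) * (_digest(msg) + x * r) % Q
        if r and s:
            return r, s

def verify(y, msg, sig):
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    return pow(G, _digest(msg) * w % Q, P) * pow(y, r * w % Q, P) % P % Q == r

class Device:
    """Hypothetical device side: stored public keys plus one pending challenge."""
    def __init__(self, authorized):
        self.authorized, self.pending = set(authorized), None

    def challenge(self, client_pub):          # steps 1-4: match the key, send random bytes
        if client_pub not in self.authorized:
            return None
        self.pending = (client_pub, secrets.token_bytes(32))
        return self.pending[1]

    def respond(self, sig):                   # step 7: check the proof; a challenge is single-use
        pub, nonce = self.pending or (None, b"")
        self.pending = None
        return pub is not None and verify(pub, nonce, sig)
```

Because each challenge is random and discarded after one check, a response captured from an earlier login does not verify against a later challenge.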
Setting up DSA challenge-response authentication consists of the following steps.
1. Importing authorized public keys into the device.
2. Enabling DSA challenge-response authentication.