Access Security Guide K/KA/KB.15.15

Implicitly denying any IP traffic.................................................................................225
Monitoring shared resources.........................................................................................225
Event log messages.....................................................................................................225
Causes of client deauthentication immediately after authenticating................................226
8 Secure Shell (SSH)..................................................................................227
Configuring.........................................................................................................................227
Steps for configuring and using SSH for switch and client authentication.................................227
Configuring the switch for SSH operation............................................................................228
Disable Username Prompt For Management Interface Authentication in the Quick Base system....238
Switch behavior with Telnet...........................................................................................239
Switch behavior with SSH.............................................................................................240
Switch behavior with WebUI.........................................................................................241
About configuring SSH.....................................................................................................243
Prerequisite for using SSH............................................................................................243
SSH client and secure sessions......................................................................................243
Public key formats.......................................................................................................243
SSH client public-key authentication notes.......................................................................243
General operating rules and operating notes..................................................................244
Messages related to SSH operation...............................................................................245
Logging messages.......................................................................................................246
Debug logging...........................................................................................................246
Viewing...............................................................................................................................246
Opening a secure session to an HP switch...........................................................................246
Using..................................................................................................................................247
Prerequisite for using SSH.................................................................................................247
Public Key Formats...........................................................................................................247
Creating a Client Public-Key text file....................................................................................247
Replacing or clearing the Public-Key file..............................................................................250
Enabling client Public-Key authentication.............................................................................250
Using client public-key authentication..................................................................................250
Copying client key files.....................................................................................................251
Copying the SSH-Client-Known-Hosts file.............................................................................251
Replacing or appending the SSH-client-known-hosts file....................................................251
Copying the SSH client known hosts file to another location..............................................252
Copying the Host public key.........................................................................................253
Removing the SSH client key pair..................................................................................253
Removing the SSH client known hosts file........................................................................253
Displaying open sessions..................................................................................................254
Overview............................................................................................................................254
Client Public-Key authentication (login/operator level) with user password authentication (enable/manager level)....................................................................................................254
9 Secure web management........................................................................256
Configuration summary.........................................................................................................256
Assigning a local login (operator) and enabling (manager) password.....................................256
Using the WebAgent to configure local passwords..........................................................256
Installing the switch's server web host certificate...................................................................256
Self-signed certificate...................................................................................................256
Authority-signed certificate...........................................................................................257
Enabling SSL on the switch and anticipating SSL browser contact behavior..............................257
Using the CLI interface to enable web management over SSL/TLS......................................257
Overview............................................................................................................................258
Server certificate authentication with user password authentication.........................................258