Server User Manual

ManualsBrandsBlack Box ManualsServerLES1308A

251

252

253

254

255

256

257

258

259

260

.. replacing yourusername with the username

config.system.snmp.username2 (3 only)

To set the Engine ID field (SNMP version 3 only)

config --set config.system.snmp.password2=yourpassword

.. replacing yourpassword with the password

Once the fields are set, apply the configuration with the following command:

config --run snmp

You can add a third or more SNMP servers by incrementing the "2" in the above commands, e.g.

config.system.snmp.protocol3, config.system.snmp.address3, etc.

15.6 Secure Shell (SSH) Public Key Authentication

This section covers how to generate public and private keys in a Linux and Windows environment and

configure SSH for public key authentication. The steps to use in a Clustering environment are:

- Generate a new public and private key pair.

- Upload the keys to the Master and to each Slave console server.

- Fingerprint each connection to validate.

15.6.1 SSH Overview

Popular TCP/IP applications such as telnet, rlogin, ftp, and others transmit their passwords unencrypted.

Doing this across pubic networks like the Internet can have catastrophic consequences. It leaves the

door open for eavesdropping, connection hijacking, and other network-level attacks.

Secure Shell (SSH) is a program to log into another computer over a network, to execute commands in a

remote machine, and to move files from one machine to another. It provides strong authentication and

secure communications over insecure channels.

OpenSSH, the de facto open source SSH application, encrypts all traffic (including passwords) to

effectively eliminate these risks. Additionally, OpenSSH provides a myriad of secure tunneling

capabilities, as well as a variety of authentication methods.

OpenSSH is the port of OpenBSD's excellent OpenSSH[0] to Linux and other versions of Unix. OpenSSH is

based on the last free version of Tatu Ylonen's sample implementation with all patent-encumbered

algorithms removed (to external libraries), all known security bugs fixed, new features reintroduced, and

many other clean-ups. http://www.openssh.com/ The only changes in the Black Box SSH

implementation are:

- PAM support

- EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are absent from

other versions of UNIX

- The config files are now in /etc/config. e.g.

 /etc/config/sshd_config instead of /etc/sshd_config

 /etc/config/ssh_config instead of /etc/ssh_config

 /etc/config/users/<username>/.ssh/ instead of /home/<username>/.ssh/

_____________________________________________________________________

724-746-5500 | blackbox.com Page 251