Specifications

User Authentication
CLI – In configuration mode, enter the secure hyper-text transfer protocol port
number, and enable the secure server.

Console(config)#ip http secure-port 1                                  3-28
Console(config)#ip http secure-server                                  3-27
Console(config)#

Replacing the Default Secure-site Certificate

When you log onto the web interface using HTTPS (for secure access), a Secure
Sockets Layer (SSL) certificate appears for the switch. By default, the certificate that
Netscape and Internet Explorer display will be associated with a warning that the
site is not recognized as a secure site. This is because the certificate has not been
signed by an approved certification authority. If you want this warning to be replaced
by a message confirming that the connection to the switch is secure, you must
obtain a unique certificate and a private key and password from a recognized
certification authority.

Caution: For maximum security, we recommend you obtain a unique Secure Sockets
Layer certificate at the earliest opportunity. This is because the default
certificate for the switch is not unique to the hardware you have purchased.

When you have obtained these, place them on your TFTP server, and use the
following command at the switch's command-line interface to replace the default
(unrecognized) certificate with an authorized one:

Console#copy tftp https-certificate                                    3-46
TFTP server ip address: <server ip-address>
Source certificate file name: <certificate file name>
Source private file name: <private key file name>
Private password: <password for private key>

Note: The switch must be reset for the new certificate to be activated. To reset the
switch, type “reload” at the command prompt:

Console#reload

Configuring SSH

The Berkeley standard includes remote access tools originally designed for Unix
systems. Some of these tools have also been implemented for Microsoft Windows
and other environments. These tools, including commands such as rsh (remote
shell) and rexec (remote execute), are not secure from hostile attacks.

The Secure Shell (SSH) includes server/client applications intended as a secure
replacement for the older Berkeley remote access tools. SSH can also provide
remote management access to this switch as a secure replacement for Telnet.
When the client contacts the switch via the SSH protocol, the switch generates a
public key that the client uses along with a local user name and password for access
authentication.

Note that you need to install an SSH client on the management station to access the
switch for management via the SSH protocol.

Note: The switch supports only SSH Version 1.5.
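
The SSH note above states that the switch supports only SSH Version 1.5. As an added example (not part of the original manual), the following Python code classifies the identification string an SSH server sends on connect, so an inventory of management interfaces can be checked for devices that still accept protocol 1. The host names, sample banners and function names are constructed for illustration.

```python
import re
import socket

# Identification string format (RFC 4253, section 4.2):
#   SSH-protoversion-softwareversion [SP comments]
_IDENT = re.compile(r"^SSH-(\d+)\.(\d+)-(\S+)")


def classify_banner(raw: bytes) -> dict:
    """Classify the protocol support advertised in an SSH server greeting."""
    # A server may send other text lines before its identification string.
    for line in raw.decode("ascii", "replace").splitlines():
        m = _IDENT.match(line)
        if not m:
            continue
        major, minor = int(m.group(1)), int(m.group(2))
        if major >= 2:
            support = "v2-only"
        elif (major, minor) == (1, 99):
            support = "v1-and-v2"  # 1.99: protocol 2 server that also accepts protocol 1
        else:
            support = "v1-only"    # e.g. 1.5, as documented for this switch
        return {"proto": f"{major}.{minor}", "software": m.group(3),
                "support": support, "accepts_v1": support != "v2-only"}
    return {"proto": None, "software": None,
            "support": "no-ssh-banner", "accepts_v1": False}


def read_banner(host: str, port: int = 22, timeout: float = 5.0) -> bytes:
    """Fetch the greeting from a device you administer (not used in the sample run)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        return s.recv(256)


def audit(banners: dict) -> list:
    """Return the hosts whose greeting shows they accept SSH protocol 1."""
    return sorted(h for h, b in banners.items() if classify_banner(b)["accepts_v1"])


# Constructed sample greetings (hypothetical hosts and software strings).
SAMPLE = {
    "sw-access-01": b"SSH-1.5-1.0.0\r\n",
    "sw-core-01": b"SSH-2.0-OpenSSH_9.6\r\n",
    "sw-dist-01": b"Authorized use only\r\nSSH-1.99-Example_1.2 legacy\r\n",
    "printer-01": b"220 FTP ready\r\n",
}

if __name__ == "__main__":
    for host in audit(SAMPLE):
        print(host, classify_banner(SAMPLE[host])["support"])
```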