Black Box LES1132A Server User Manual


 
If the host key has been legitimately changed, it can be removed from the ~/.ssh/known_hosts file and
the new fingerprint added. If it has not changed, this indicates a serious problem that should be
investigated immediately.
15.6.7 SSH tunneled serial bridging
You have the option to apply SSH tunneling when two Black Box console servers are configured for serial
bridging.
As detailed in Chapter 4, the Server console server is setup in Console server mode with either RAW or
RFC2217 enabled and the Client console server is set up in Serial Bridging Mode with the Server Address,
and Server TCP Port (4000 + port for RAW or 5000 + port # for RFC2217) specified:
Select SSH Tunnel when configuring the Serial Bridging Setting.
Next, you will need to set up SSH keys for each end of the tunnel and upload these keys to the Server
and Client console servers.
Client Keys:
The first step in setting up ssh tunnels is to generate keys. Ideally, you will use a separate, secure,
machine to generate and store all keys to be used on the console servers. If this is not ideal for your
situation, keys may be generated on the console servers themselves.
It is possible to generate only one set of keys, and reuse them for every SSH session. While we do not
recommend this, each organization will need to balance the security of separate keys against the
additional administration they bring.
Generated keys may be one of two types—RSA or DSA (and it is beyond the scope of this document to
recommend one over the other). RSA keys will go into the files id_rsa and id_rsa.pub. DSA keys will be
stored in the files id_dsa and id_dsa.pub.
_____________________________________________________________________
724-746-5500 | blackbox.com Page 258