HP (Hewlett-Packard) 2300 Switch User Manual


 
Enhancements in Release F.04.08
Configuring Secure Shell (SSH)
1. Use your SSH client application to create a public/private key pair. Refer to the documentation
provided with your SSH client application for details. The Series 2500 switches support the
following client-public-key properties:
| Property | Supported Value | Comments |
|---|---|---|
| Key Format | ASCII (no PEM or other encoding) | See figure 33 on page 88. The key must be one unbroken, non-encoded ASCII string. If you add more than one client-public-key to a file, terminate each key (except the last one) with a <CR><LF>. Spaces are allowed within the key to delimit the key’s components. Also, the switch supports only SSH version 1. If your SSH client supports SSHv2, then it may use the PEM format for creating its public key. In this case, you will need a method for converting the switch’s PEM-formatted public key into an ASCII-string equivalent. Note that, unlike the use of the switch’s public key in an SSH client application, the format of a client-public-key used by the switch does not include the client’s IP address. |
| Key Type | RSA only | |
| Maximum Supported Public Key Length | 3072 bits | Shorter key lengths allow faster operation, but also mean diminished security. |
| Maximum Key Size | 1024 characters | Includes the bit size, public index, modulus, any comments, <CR>, <LF>, and all blank spaces. If necessary, you can use an editor application to verify the size of a key. For example, if you place a client-public-key into a Word for Windows text file and then click on File \| Properties \| Statistics, you can view the number of characters in the file, including spaces. |

2. Copy the client’s public key (in ASCII, non-encoded format) into a text file (filename.txt). (For example, you can use the Notepad editor included with the Microsoft® Windows® software.) If you want several clients to use client public-key authentication, copy a public key for each of these clients (up to ten) into the file. Each key should be separated from the preceding key by a <CR><LF>.
3. Copy the client-public-key file into a TFTP server accessible to the switch.

Copying a client-public-key into the switch requires the following:

- One or more client-generated public keys in non-encoded ASCII format. If you are using an SSHv2 client application, a client may encode its public key in PEM format. To use the client public-key feature, you will need to convert the key to a non-encoded ASCII format. Refer to the documentation provided with your SSH client application.
- A copy of each client public key (up to ten) stored in a single text file on a TFTP server to which the switch has access. (The text file should contain all client public keys for the clients you want to have access to the switch.) Terminate all client public-keys in the file except the last one with a <CR><LF>.
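
The limits above can be checked on the workstation before the file is placed on the TFTP server. The following Python check is an added example, not part of the HP manual or the switch software; it assumes each key is laid out as `<bits> <index> <modulus> [comment]`, following the components listed under Maximum Key Size, and the function names and sample keys are constructed for illustration.

```python
MAX_KEYS, MAX_CHARS, MAX_BITS = 10, 1024, 3072  # limits stated in the manual

def sample_key(bits: int, comment: str) -> str:
    # Constructed test value: an odd number of the right bit length, not a real RSA modulus.
    return f"{bits} 35 {(1 << (bits - 1)) | 1} {comment}"

def check_key_file(data: bytes) -> list[str]:
    """Return findings for a client-public-key file; an empty list means it passes."""
    try:
        text = data.decode("ascii")
    except UnicodeDecodeError:
        return ["file contains non-ASCII bytes"]
    findings = []
    if text.endswith("\r\n"):  # every key except the last is terminated
        findings.append("last key is terminated with <CR><LF>")
        text = text[:-2]
    records = text.split("\r\n")
    if len(records) > MAX_KEYS:
        findings.append(f"{len(records)} keys in file, limit is {MAX_KEYS}")
    for n, rec in enumerate(records, 1):
        if "\r" in rec or "\n" in rec:
            findings.append(f"key {n}: broken across lines or not <CR><LF>-terminated")
            continue
        # <CR> and <LF> count toward the 1024-character limit
        size = len(rec) + (0 if n == len(records) else 2)
        if size > MAX_CHARS:
            findings.append(f"key {n}: {size} characters, limit is {MAX_CHARS}")
            continue
        if rec.startswith("-----BEGIN"):
            findings.append(f"key {n}: PEM-encoded, convert to a plain ASCII string")
            continue
        fields = rec.split()
        if len(fields) < 3 or not all(f.isdigit() for f in fields[:3]):
            findings.append(f"key {n}: expected '<bits> <index> <modulus> [comment]'")
            continue
        bits, actual = int(fields[0]), int(fields[2]).bit_length()
        if actual != bits:  # extra consistency check, not a rule from the manual
            findings.append(f"key {n}: declares {bits} bits, modulus has {actual}")
        if max(bits, actual) > MAX_BITS:
            findings.append(f"key {n}: longer than {MAX_BITS} bits")
    return findings

if __name__ == "__main__":
    good = "\r\n".join([sample_key(1024, "admin@ws1"), sample_key(2048, "ops@ws2")])
    bad = "\n".join([sample_key(1024, "admin@ws1"), sample_key(2048, "ops@ws2")])
    print(check_key_file(good.encode()) or "good file passes")
    print(check_key_file(bad.encode()))  # LF-only line endings are reported
```

A file saved with LF-only line endings is reported as a single broken key, which is the usual result of preparing the file in an editor that does not write <CR><LF>.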