Lantronix 900-510 Switch User Manual


 
11: User Authentication
SLB™ Branch Office Manager User Guide 167
not used, a user can access multiple hosts without entering a password. In either case,
the authentication is protected against security attacks because both the public key and
the private key are required to authenticate. For both imported and exported SSH keys,
the SLB device supports both RSA and DSA keys, and can import and export keys in
OpenSSH and SECSH formats. Imported and exported keys are saved with the SLB
branch office manager configuration, and the administrator has the option of retaining the
SSH keys during a reset to factory defaults.
The SLB device can also update the SSH RSA1, RSA and DSA host keys that the SSH
server uses with site-specific host keys or reset them to the default values.
Imported Keys
Imported SSH keys must be associated with an SLB local user. The key can be
generated on host "MyHost" for user "MyUser," and when the key is imported into the
SLB branch office manager, it must be associated with either "MyUser" (if "MyUser" is an
existing SLB local user) or an alternate SLB local user. The public key file can be
imported via SCP or FTP; once imported, you can view or delete the public key. Any SSH
connection into the SLB branch office manager from the designated host/user
combination uses the SSH key for authentication.
Exported Keys
The SLB device can generate SSH keys for SSH connections out of the SLB for any SLB
user. The SLB branch office manager retains both the private and public key on the SLB
device, and makes the public key available for export via SCP, FTP, or copy and paste.
The name of the key is used to generate the name of the public key file that is exported
(for example, <keyname>.pub), and the exported keys are organized by user and key
name. Once a key is generated and exported, you can delete the key or view the public
portion. Any SSH connection out of the SLB branch office manager for the designated
host/user combination uses the SSH key for authentication.
To configure the SLB branch office manager to use SSH keys to authenticate
users:
1. From the main menu, select User Authentication SSH Keys. The following
page displays.