Lantronix XPort AR Network Card User Manual


 
XPort AR User Guide 125
8: SSH and SSL Security
The XPort AR supports Secure Shell (SSH) and Secure Sockets Layer (SSL). These
security protocols are configurable through the Web Manager (see SSH Settings on
page 42 and SSL Settings on page 46) and Command Mode (see SSH Menu on
page 103 and SSL Menu on page 106).
Note: This chapter overviews security configuration using Web Manager.
Secure Shell: SSH
SSH is a network protocol for securely accessing a remote device. This protocol
provides a secure, encrypted communication channel between two hosts over a
network.
To configure the SSH settings, there are two instances that require configuration:
when the XPort AR is the SSH server and when it is an SSH client. The SSH server
is used by the CLI (Command Mode) and for tunneling in Accept Mode. Use the
SSH client for tunneling in Connect Mode.
SSH Server Configuration
To configure the XPort AR as an SSH server, there are two requirements:
Defined host keys: both private and public keys are required. They keys are
used for the Diffie-Hellman key exchange (used for the underlying encryption
protocol).
Defined users: these users are permitted to connect to the XPort AR’s SSH
server.
To configure SSH server settings:
1. Click SSH Æ Server Host Keys from the navigation menu. The SSH Server:
Host Keys page displays.
2. To configure the host keys:
a) If the keys exist, locate the Private Key and Public Key using the Browse
button. Select the Key Type (RSA is more secure) and click Submit to
upload the keys.
i. SSH keys may be created on another computer and uploaded to
the XPort AR. To do so, use the following command using Open
SSH to care a 768-bit DSA key pair:
ssh-keygen –b 768 –t dsa