Tripp Lite 93-2879 Server User Manual


 
_____________________________________________________________________
B096-016 B096-048 and B092-016 User Manual Page 189
To use public key authentication with SDT Connector, first you must first create an RSA or
DSA key pair (using ssh-keygen, PuTTYgen or a similar tool) and add the public part of your
SSH key pair to the Console Server – as described in the earlier section.
Next, add the private part of your SSH key pair (this file is typically named id_rsa or id_dsa)
to SDT Connector client. Click Edit -> Preferences -> Private Keys -> Add, locate the private
key file and click OK. You do not have to add the public part of your SSH key pair, it is
calculated using the private key.
SDT Connector will now use public key authentication when SSH connecting through the
Console Server. You may have to restart SDT Connector to shut down any existing tunnels that
were established using password authentication.
If you have a host behind the Console Server that you connect to by clicking the SSH button in
SDT Connector, you can also configure it for public key authentication. Essentially, what you are
using is SSH over SSH, and the two SSH connections are entirely separate, and the host
configuration is entirely independent of SDT Connector and the Console Server. You must
configure the SSH client that SDT Connector launches (e.g. Putty, OpenSSH) and the host's SSH
server for public key authentication.
15.7 Secure Sockets Layer (SSL) Support
Secure Sockets Layer (SSL) is a protocol developed by Netscape for transmitting private
documents via the Internet. SSL works by using a private key to encrypt data that's transferred
over the SSL connection.
The Console Server includes OpenSSL. The OpenSSL Project is a collaborative effort to develop a
robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure
Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-
strength general purpose cryptography library. The project is managed by a worldwide
community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL
toolkit and its related documentation.
OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson.
The OpenSSL toolkit is licensed under an Apache-style license, which basically means that you
are free to get and use it for commercial and non-commercial purposes, subject to some simple
license conditions. In the Console Server, OpenSSL is used primarily in conjunction with ‘http’ in
order to have secure browser access to the GUI management console across insecure networks.
More documentation on OpenSSL is available from: