Filter
Top Products
ES-2108 Series User’s Guide
130 Chapter 22 Access Control
Figure 74 SSH Login Example
22.8 Introduction to HTTPS
HTTPS (Hyper Text Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web
protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application-
level protocol that enables secure transactions of data by ensuring confidentiality (an
unauthorized party cannot read the transferred data), authentication (one party can identify the
other party) and data integrity (you know if data has been changed).
It relies upon certificates, public keys, and private keys.
HTTPS on the switch is used so that you may securely access the switch using the web
configurator. The SSL protocol specifies that the SSL server (the switch) must always
authenticate itself to the SSL client (the computer which requests the HTTPS connection with
the switch), whereas the SSL client only should authenticate itself when the SSL server
requires it to do so. Authenticating client certificates is optional and if selected means the SSL-
client must send the switch a certificate. You must apply for a certificate for the browser from
a CA that is a trusted CA on the switch.
Please refer to the following figure.
C:\>ssh2 admin@192.168.1.1
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the host key has just been changed.
Please contact your system administrator.
Add correct host key to "C:/Documents and Settings/Administrator/Application
Data/SSH/hostkeys/key_22_192.168.1.1.pub" to get rid of this message.
Received server key's fingerprint: xigil-gidot-homug-duzab-tocyh-pamyb-
ronep-tisaf-hebip-gokeb-goxix You can get a public key's fingerprint by
running % ssh-keygen -F publickey.pub
on the keyfile. Agent forwarding is disabled to avoid attacks by corrupted
servers. X11 forwarding is disabled to avoid attacks by corrupted servers.
Are you sure you want to continue connecting (yes/no)? yes
Do you want to change the host key on disk (yes/no)? yes
Agent forwarding re-enabled.
X11 forwarding re-enabled.
Host key saved to C:/Documents and Settings/Administrator/Application Data/
SSH/hostkeys/key_22_192.168.1.1.pub host key for 192.168.1.1, accepted by
Administrator Thu May 12 2005 09:52:21
admin's password:
Authentication successful.
Copyright (c) 1994 - 2005 ZyXEL Communications Corp.
ras>