Supported SSH and SCP clients
Tera Term Pro with TTSSH extension
Windows 2000
|
- Supports SSH-1 client only.
- Authentication:
- Does not include a keygen tool.
- A separate key generation tool such as PuTTYgen must be used to generate an RSA key in SSHv1 format.
- Note: The 8600 does not generate a log message when a RSA key is manually generated.
|
- Client distribution does not include SCP client.
- Tested on the 8600 with the following applications:
| - Pageant (authentication agent holding private keys in memory) |
| - PSCP (secure copy client) |
|
Secure Shell Client
Window 2000
|
- Supports SSH-2 client.
- Authentication:
- Provides a keygen tool.
- It creates a DSA key in SSHv2 format.
- Note: The 8600 generates a log message stating that a DSA key has been generated.
|
- Client distribution includes a SCP client which is not compatible with the 8600.
|
OpenSSH
Unix Solaris 2.5 / 2.6
|
- Supports SSH-1 and SSH-2 clients.
- Authentication:
- Provides a keygen tool.
- It creates both RSA and DSA keys in SSH v1 format.
|
- Client distribution includes a SCP client which is supported on the 8600.
|
After you have installed one of the SSH clients described in Table 277, you must generate a client and server key using the RSA or DSA algorithms.
|
Note:
Authentication keys are not saved to a backup SSF if one is present. You can use TFTP or FTP to copy the keys to a backup SSF.
|
The 8600 generates a DSA public and private server key pair. The public part of the key for DSA is stored in/flash/.ssh/dsa_pub.key. If a DSA key pair does not exist, the 8600 will automatically generate one, once the SSH server is enabled. To authenticate a client using DSA, the administrator has to copy the public part of the client DSA key to the 8600.
Table 278 describes access levels and file names used for storing the SSH client authentication information using DSA.
| |
Client key in IETF format (SSHv2)
|
RWA
|
/flash/.ssh/dsa_key_rwa_ietf
|
RW
|
/flash/.ssh/dsa_key_rw_ietf
|
RO
|
/flash/.ssh/dsa_key_ro_ietf
|
L3
|
/flash/.ssh/dsa_key_rwl3_ietf
|
L2
|
/flash/.ssh/dsa_key_rwl2_ietf
|
L1
|
/flash/.ssh/dsa_key_rwl1_ietf
|
| |
Client key in non IETF format
|
RWA
|
/flash/.ssh/dsa_key_rwa
|
RW
|
/flash/.ssh/dsa_key_rw
|
RO
|
/flash/.ssh/dsa_key_ro
|
L3
|
/flash/.ssh/dsa_key_rwl3
|
L2
|
/flash/.ssh/dsa_key_rwl2
|
L1
|
/flash/.ssh/dsa_key_rwl1
|
| |
WSM
|
14admin
|
/flash/.ssh/dsa_key_14admin
|
slbadmin
|
/flash/.ssh/dsa_key_slbadmin
|
oper
|
/flash/.ssh/dsa_key_oper
|
14oper
|
/flash/.ssh/dsa_key_14_oper
|
slboper
|
/flash/.ssh/dsa_key_slboper
|
ssladmin
|
/flash/.ssh/dsa_key_ssladmin
|
The 8600 generates an RSA public and private server key pair. The public part of the key for RSA is stored in/flash/.ssh/ssh_key_rsa_pub.key. If an RSA key pair does not exist, the 8600 will automatically generate one, once the SSH server is enabled. To authenticate a client using RSA, the administrator has to copy the public part of the client RSA key to the 8600.
Table 279 describes the access level and file name used for storing the SSH client authentication information using RSA.
| |
Client key in IETF format
|
RWA
|
/flash/.ssh/rsa_key_rwa
|
RW
|
/flash/.ssh/rsa_key_rw
|
RO
|
/flash/.ssh/rsa_key_ro
|
L3
|
/flash/.ssh/rsa_key_rwl3
|
L2
|
/flash/.ssh/rsa_key_rwl2
|
L1
|
/flash/.ssh/rsa_key_rwl1
|
| |
WSM
|
14admin
|
/flash/.ssh/rsa_key_14admin
|
slbadmin
|
/flash/.ssh/rsa_key_slbadmin
|
oper
|
/flash/.ssh/rsa_key_oper
|
14oper
|
/flash/.ssh/rsa_key_14_oper
|
slboper
|
/flash/.ssh/rsa_key_slboper
|
ssladmin
|
/flash/.ssh/rsa_key_ssladmin
|
See also: