Device Manager Online Help # Go back one pageGo to the next page#Go to this book's Index

Supported SSH and SCP clients


SSH Client Secure Shell (SSH) Secure Copy (SCP)
Tera Term Pro with TTSSH extension
Windows 2000
  • Supports SSH-1 client only.
  • Authentication:
  • - RSA
    - Password
  • Does not include a keygen tool.
  • A separate key generation tool such as PuTTYgen must be used to generate an RSA key in SSHv1 format.
  • Client distribution does not include SCP client.
  • Tested on the 8600 with the following applications:
  • - Pageant (authentication agent holding private keys in memory)
    - PSCP (secure copy client)
Secure Shell Client
Window 2000
  • Supports SSH-2 client.
  • Authentication:
  • - DSA
    - Password
  • Provides a keygen tool.
  • It creates a DSA key in SSHv2 format.
  • Client distribution includes a SCP client which is not compatible with the 8600.
OpenSSH
Unix Solaris 2.5 / 2.6
  • Supports SSH-1 and SSH-2 clients.
  • Authentication:
  • - RSA
    - DSA
    - Password
  • Provides a keygen tool.
  • It creates both RSA and DSA keys in SSH v1 format.
  • Client distribution includes a SCP client which is supported on the 8600.

After you have installed one of the SSH clients described in Table 98, you must generate a client and server key using the RSA or DSA algorithms.


Note Note: Authentication keys are not saved to a backup SSF if one is present. You can use TFTP or FTP to copy the keys to a backup SSF.

The 8600 generates a DSA public and private server key pair. The public part of the key for DSA is stored in/flash/.ssh/dsa_pub.key. If a DSA key pair does not exist, the 8600 will automatically generate one, once the SSH server is enabled. To authenticate a client using DSA, the administrator has to copy the public part of the client DSA key to the 8600.

Table 99 describes access levels and file names used for storing the SSH client authentication information using DSA.


Access level File name
Client key in IETF format (SSHv2)
RWA
/flash/.ssh/dsa_key_rwa_ietf
RW
/flash/.ssh/dsa_key_rw_ietf
RO
/flash/.ssh/dsa_key_ro_ietf
L3
/flash/.ssh/dsa_key_rwl3_ietf
L2
/flash/.ssh/dsa_key_rwl2_ietf
L1
/flash/.ssh/dsa_key_rwl1_ietf
Client key in non IETF format
RWA
/flash/.ssh/dsa_key_rwa
RW
/flash/.ssh/dsa_key_rw
RO
/flash/.ssh/dsa_key_ro
L3
/flash/.ssh/dsa_key_rwl3
L2
/flash/.ssh/dsa_key_rwl2
L1
/flash/.ssh/dsa_key_rwl1
WSM
14admin
/flash/.ssh/dsa_key_14admin
slbadmin
/flash/.ssh/dsa_key_slbadmin
oper
/flash/.ssh/dsa_key_oper
14oper
/flash/.ssh/dsa_key_14_oper
slboper
/flash/.ssh/dsa_key_slboper

The 8600 generates an RSA public and private server key pair. The public part of the key for RSA is stored in/flash/.ssh/ssh_key_rsa_pub.key. If an RSA key pair does not exist, the 8600 will automatically generate one, once the SSH server is enabled. To authenticate a client using RSA, the administrator has to copy the public part of the client RSA key to the 8600.

Table 100 describes the access level and file name used for storing the SSH client authentication information using RSA.


Access level File name
Client key in IETF format
RWA
/flash/.ssh/rsa_key_rwa
RW
/flash/.ssh/rsa_key_rw
RO
/flash/.ssh/rsa_key_ro
L3
/flash/.ssh/rsa_key_rwl3
L2
/flash/.ssh/rsa_key_rwl2
L1
/flash/.ssh/rsa_key_rwl1
WSM
14admin
/flash/.ssh/rsa_key_14admin
slbadmin
/flash/.ssh/rsa_key_slbadmin
oper
/flash/.ssh/rsa_key_oper
14oper
/flash/.ssh/rsa_key_14_oper
slboper
/flash/.ssh/rsa_key_slboper

See also:


Go back one pageGo to the next page##Go to this book's Index