Encryption Via Ssh Protocol - Siemens SINUMERIK 840DE sl Commissioning Manual

Service and diagnostics
7.6 Remote access
7.6.6

Encryption via SSH protocol

Security
The security of SSH is ensured by a series of cryptographic algorithms for encryption and
authentication.
Authentication
The server identifies itself to the client with an RSA, DSA or ECDSA certificate, which enables
detection of manipulation in the network (no other server can identify itself as a known server).
The client can authenticate itself either by public key authentication with a private key whose
public key is stored on the server, or with a normal password. While in the latter case, user
interaction is always necessary (unless the password is stored unencrypted on the client
computer), public key authentication allows client computers to log on to SSH servers without
user interaction, without a password having to be stored in plain text on the client. However,
for added security the private SSH keys can also be protected with a password.
Subsystems
In the case of Secure Subsystem Execution, subsystems that were defined in an SSH server
installation can be executed remotely without knowing the precise path of the program
executed on the server. SFTP is the most common subsystem.
Further information
● Chapter Setting up and using SSH (Page 169).
● "NCU Operating System" Commissioning Manual (IM7).
● Description of PuTTy.
170
Commissioning Manual, 12/2017, 6FC5397-1DP40-6BA1
PCU Base Software (IM10)