Secure Shell And Secure Copy; Configuring Ssh/Scp Features On The Switch; To Enable Or Disable The Ssh Feature - Lenovo RackSwitch G8264 Application Manual

Secure Shell and Secure Copy

Configuring SSH/SCP Features on the Switch

To Enable or Disable the SSH Feature

96
G8264 Application Guide for ENOS 8.4
Because using Telnet does not provide a secure connection for managing a G8264,
Secure Shell (SSH) and Secure Copy (SCP) features have been included for G8264
management. SSH and SCP use secure tunnels to encrypt and secure messages
between a remote administrator and the switch.
SSH is a protocol that enables remote administrators to log securely into the G8264
over a network to execute management commands.
SCP is typically used to copy files securely from one machine to another. SCP uses
SSH for encryption of data on the network. On a G8264, SCP is used to download
and upload the switch configuration via secure channels.
Although SSH and SCP are disabled by default, enabling and using these features
provides the following benefits:
 Identifying the administrator using Name/Password
 Authentication of remote administrators
 Authorization of remote administrators
 Determining the permitted actions and customizing service for individual
administrators
 Encryption of management messages
Encrypting messages between the remote administrator and switch

 Secure copy support
Lenovo Enterprise Network Operating System implements the SSH version 2.0
standard and is confirmed to work with SSH version 2.0‐compliant clients such as
the following:
 OpenSSH_5.4p1 for Linux
 Secure CRT Version 5.0.2 (build 1021)
 Putty SSH release 0.60
SSH and SCP features are disabled by default. To change the SSH/SCP settings,
using the following procedures.
Note: To use SCP, you must first enable SSH.
Begin a Telnet session from the console port and enter the following command:
RS G8264(config)# [no] ssh enable