Using the Secure Shell Protocol (SSH) 79Using the SecureShell Protocol (SSH)Secure Shell (SSH) provides a secure replacement for management accessvia Telnet. When an SSH management client contacts the switch, theswitch first compares the public-key and password provided by the clientagainst those stored locally before granting access. SSH also encrypts alldata transfers passing between the switch and SSH management clients,and ensures that data traveling over the network arrives unaltered.Note that you need to install an SSH client on the management station toaccess the switch for management via the SSH protocol.The switch supports both SSH Version 1.5 and 2.0 clients.The SSH server on this switch supports local password authentication.Note that although the switch only supports password authentication,you still have to generate a public key on the switch.To use the SSH server, complete these steps:1 Generate a Host Key Pair – No keys are generated in the switch’s factorydefault configuration. You must use the SSH Key Generate Page to createa public host key.2 Provide Host Public Key to Clients – Many SSH client programsautomatically import the host public key during the initial connectionsetup with the switch. Otherwise, you need to manually create a knownhosts file on the management station and place the host public key in it.An entry for a public key in the known hosts file would appear similar tothe following example:10.1.0.54 1024 3515684995401867669259333946775054617325313674890836547254150202455931998685443583616519999233297817660658309561082591321289023376546801726272571413428762941301196195566782595664104869574278881462065194174677298486546861571773939016477935594230357741309802273708779454524083971752646358058176716709574804776117Password Authentication (for SSH v1.5 or V2 Clients)a The client sends its password to the server.b The switch compares the client's password to those stored in memory.c If a match is found, the connection is allowed.