11: Security Settings
EDS1100/2100 Device Server User Guide
89
To create new SSH server host keys
Note:
Generating new keys with large bit size results in longer key generation times.
1. Select
SSH
on the menu bar and
SSH Server: Host Keys
at the top of the page. The SSH
Server Host Keys page appears.
2. Enter or modify the following settings in the part of the screen related to creating new keys:
Table 11-4 SSH Server Host Keys Settings - Create New Keys Method
3. Click
Submit.
Note:
SSH Keys from other programs may be converted to the required EDS1100/2100
format. Use Open SSH to perform the conversion.
SSH Server Authorized Users
On this page you can change SSH server settings for Authorized Users. SSH Server Authorized
Users are accounts on the EDS1100/2100 device server that can be used to log into the
EDS1100/2100 using SSH. For instance, these accounts can be used to SSH into the CLI or open
an SSH connection to a device port. Every account must have a password.
The user's public keys are optional and only necessary if public key authentication is required.
Using public key authentication allows a connection to be made without the password being
asked.
Under
Current Configuration
,
User
has a
Delete User
link, and
Public RSA Key
and
Public
DSA Key
have
View Key
and
Delete Key
links. If you click a
Delete
link, a message asks whether
you are sure you want to delete this information. Click
OK
to proceed or
Cancel
to cancel the
operation.
SSH Server: Host Keys
Settings
Description
Key Type
Select a key type to use:
RSA
= use this key with SSH1 and SSH2 protocols.
DSA
= use this key with the SSH2 protocol.
Note:
RSA is more secure.
Bit Size
Select a bit length for the new key:
512
768
1024
Using a larger bit size takes more time to generate the key. Approximate times
are:
10 seconds for a 512 bit RSA Key
15 seconds for a 768 bit RSA Key
1 minute for a 1024 bit RSA Key
30 seconds for a 512 bit DSA Key
1 minute for a 768 bit DSA Key
2 minutes for a 1024 bit DSA Key
Note:
Some SSH clients require RSA host keys to be at least 1024 bits long.
This device generates keys up to 1024 bits long. It can work with larger keys
(up to 2048 bit) if they are imported or otherwise created.