Advanced Operations 8
Switched Power Distribution Unit
49
EN
8
Advanced Operations
8.1 SSL
Secure Socket Layers (SSL) version 3 enables
secure HTML sessions between a PDU Remote
Power Manager and a remote user. SSL pro-
vides two chief features designed to make TCP/IP
(Internet) transmitted data more secure:
•
Authentication – The connecting client is as-
sured of the identity of the server.
•
Encryption – All data transmitted between the
client and the server is encrypted rendering
any intercepted data unintelligible to any third
party.
SSL uses the public-and-private key encryption
system by RSA, which also requires the use of
digital certificates. An SSL Certificate is an elec-
tronic file uniquely identifying individuals or web-
sites and enables encrypted communication; SSL
Certificates serve as a kind of digital passport or
credential. The PDU product’s SSL Certificate
enables the client to verify the PDU’s authenticity
and to communicate with the PDU securely via an
encrypted session, protecting confidential infor-
mation from interception and hacking.
SSL Command Summary
Command
Description
Set SSL
Enables/disables SSL sup-
port
Set SSL Access
Sets SSL access as optional
or required
8.1.1 Setting up SSL Support
Note!
A restart of the PDU is required after
setting or changing ANY SSL configura-
tions.
Enabling or disabling SSL support:
The Set SSL command is used to enable or dis-
able SSL support.
To enable or disable SSL support:
At the Switched PDU: prompt, type set ssl, fol-
lowed by enabled or disabled and press Enter.
Setting SSL access level:
The Set SSL Access command is used to assign
use of SSL as optional or required. The default
access level is set to optional.
To change the access level:
At the Switched PDU: prompt, type set ssl ac-
cess, followed optional or required, and press
Enter.
Example
The following changes the access level to re-
quired:
Switched PDU: set ssl access required<Enter>
SSL Technical Specifications
Secure Socket Layer (SSL) version 3
Transport Layer Security (TLS) version 1 (RFC
2246)
SSL/TLS-enabled HTTPS server (RFC 2818)
Self-Signed X.509 Certificate version 3 (RFC
2459)
Asymmetric Cryptography:
1024-bit RSA Key Exchange
Symmetric Cryptography Ciphers:
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
8.2 SSH
Secure Shell (SSH) version 2 enables secure
network terminal sessions between a PDU Re-
mote Power Manager and a remote user over
insecure network. SSH provides an encrypted
terminal sessions with strong authentication of
both the server and client, using public-key cryp-
tography and is typically used as a replacement
for unencrypted Telnet. In addition to enabling
secure network terminal sessions to the PDU for
configuration and power management, the SSH
session may be used for secure Pass-Thru con-
nections to attached devices.
SSH requires the configuration and use of a client
agent on the client PC. There are many freeware,
shareware or for-purchase SSH clients available.
Two examples are the freeware client PuTTY and
the for-purchase client SecureCRT
by Van-
Dyke
Software. For configuration and use of
these clients, please refer to the applicable soft-
ware documentation.