Cisco Systems VPN 3002 Home Safety Product User Manual


 
VPN 3002 Hardware Client Reference
OL-1893-01
Chapter 8 Management Protocols
Configuration | System | Management Protocols | SSH
Enable SSH
Check the box to enable the SSH server. The box is checked by default. Disabling the SSH server
provides additional security by preventing SSH access.
Enable SSH on Public
Check the box to enable SSH on the Public interface.
SSH Port
Enter the port number that the SSH server uses. The default is 22, which is the well-known port.
Maximum Sessions
Enter the maximum number of concurrent SSH sessions allowed. Minimum is 1, default is 4, and
maximum is 10.
Key Regeneration Period
Enter the server key regeneration period in minutes. If the server key has been used for an SSH session,
the VPN 3002 regenerates the key at the end of this period. Minimum is 0 (which disables key
regeneration), default is 60 minutes, and maximum is 10080 minutes (1 week).
Note: Use 0 (disable key regeneration) only for testing, since it lessens security.
Encryption Algorithms
Check the boxes for the encryption algorithms that the VPN 3002 SSH server can negotiate with a client
and use for session encryption. All algorithms are checked by default. You must check at least one
algorithm to enable a secure session. Unchecking all algorithms disables SSH.
3DES-168 = Triple-DES encryption with a 168-bit key. This option is the most secure but requires
the greatest processing overhead.
RC4-128 = RC4 encryption with a 128-bit key. This option provides adequate security and
performance.
DES-56 = DES encryption with a 56-bit key. This option is least secure but provides the greatest
export flexibility.
No Encryption = Connect without encryption. This option provides no security and is for testing
purposes only. It is not checked by default.
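The limits and defaults on this screen can be checked mechanically when reviewing a unit's settings. The following is an added example, not part of the Cisco manual or of any Cisco tool; the dictionary keys and the function name are hypothetical, and the sample settings are constructed.

```python
# Added example. The dict keys are hypothetical names chosen here; they are
# not a VPN 3002 export format. Limits and defaults are the ones stated above.
ALGORITHMS = ("3DES-168", "RC4-128", "DES-56", "No Encryption")
DEFAULT_ALGORITHMS = ALGORITHMS[:3]   # "No Encryption" is not checked by default

def audit_ssh_settings(cfg):
    """Return a list of (level, message) findings for one SSH settings screen."""
    if not cfg.get("enable_ssh", True):           # box is checked by default
        return [("info", "SSH server disabled; SSH access is prevented")]
    findings = []
    port = cfg.get("port", 22)
    if not 1 <= port <= 65535:                    # valid TCP port range
        findings.append(("error", f"SSH port {port} is not a valid TCP port"))
    sessions = cfg.get("max_sessions", 4)
    if not 1 <= sessions <= 10:
        findings.append(("error", f"maximum sessions {sessions} is outside 1-10"))
    regen = cfg.get("key_regen_minutes", 60)
    if not 0 <= regen <= 10080:
        findings.append(("error", f"key regeneration {regen} is outside 0-10080"))
    elif regen == 0:
        findings.append(("warning", "key regeneration disabled (testing only)"))
    algos = set(cfg.get("algorithms", DEFAULT_ALGORITHMS))
    for name in sorted(algos - set(ALGORITHMS)):
        findings.append(("error", f"unknown algorithm {name!r}"))
    if not algos:
        findings.append(("error", "no algorithm checked; this disables SSH"))
    if "No Encryption" in algos:
        findings.append(("warning", "No Encryption checked (testing only)"))
    if "DES-56" in algos:
        findings.append(("warning", "DES-56 checked; least secure cipher offered"))
    return findings

# Constructed sample settings, not taken from a real device.
TEST_UNIT = {"enable_ssh": True, "port": 22, "max_sessions": 12,
             "key_regen_minutes": 0, "algorithms": ["DES-56", "No Encryption"]}
HARDENED = {"enable_ssh": True, "port": 22, "max_sessions": 2,
            "key_regen_minutes": 60, "algorithms": ["3DES-168"]}

if __name__ == "__main__":
    for label, cfg in (("test unit", TEST_UNIT), ("hardened", HARDENED)):
        print(label)
        for level, message in audit_ssh_settings(cfg) or [("ok", "no findings")]:
            print(f"  {level}: {message}")
```

An empty settings dictionary stands for the defaults described above and still yields the DES-56 warning, because that algorithm is checked by default.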