Chapter 39 Access Control
MGS3700-12C User’s Guide
381
3 Authentication and Data Transmission
After the identification is verified and data encryption activated, a secure tunnel is
established between the client and the server. The client then sends its
authentication information (user name and password) to the server to log in to the
server.
39.6 SSH Implementation on the Switch
Your Switch supports SSH version 2 using RSA authentication and three
encryption methods (DES, 3DES and Blowfish). The SSH server is implemented on
the Switch for remote management and file transfer on port 22. Only one SSH
connection is allowed at a time.
39.6.1 Requirements for Using SSH
You must install an SSH client program on a client computer (Windows or Linux
operating system) that is used to connect to the Switch over SSH.
39.7 Introduction to HTTPS
HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL)
is a web protocol that encrypts and decrypts web pages. Secure Socket Layer
(SSL) is an application-level protocol that enables secure transactions of data by
ensuring confidentiality (an unauthorized party cannot read the transferred data),
authentication (one party can identify the other party) and data integrity (you
know if data has been changed).
It relies upon certificates, public keys, and private keys.
HTTPS on the Switch is used so that you may securely access the Switch using the
web configurator. The SSL protocol specifies that the SSL server (the Switch) must
always authenticate itself to the SSL client (the computer which requests the
HTTPS connection with the Switch), whereas the SSL client only should
authenticate itself when the SSL server requires it to do so. Authenticating client
certificates is optional and if selected means the SSL-client must send the Switch a
certificate. You must apply for a certificate for the browser from a CA that is a
trusted CA on the Switch.
Please refer to the following figure.