Client Secure Shell (SSH) User Authentication for the SG350XG and SG550XG Switches

Objective

Secure Shell (SSH) is a protocol that provides a secure remote connection to a specific device. The 350XG and 550XG Series Managed Switches let you authenticate and manage users to connect to the device via SSH. The authentication occurs via a public key, so the user can use this key to establish a SSH connection to a specific device. SSH connections are useful to troubleshoot a network remotely, in the case that the network administrator is not at the network site.

This article explains how to configure client user authentication on the SG350XG and SG550XG Series Managed Switches.

Applicable Devices

• SG350XG
• SG550XG

Software Version

• v2.0.0.73

Configure SSH Client Authentication

Global Configuration

Note: The following screenshots are from the Advanced Display. This can be toggled by clicking the Display Mode drop-down list located in the top right of the screen

Step 1. Log in to the web configuration utility and choose Security > SSH Client > SSH User Authentication. The SSH User Authentication page opens:

Step 2. In the SSH User Authentication Method field, click on the radio button for the desired global authentication method.

The available options are as follows:

• By Password – This option lets you configure a password for user authentication. Enter a password or retain the default, “anonymous”.
• By RSA Public Key – This option lets you use an RSA public key for user authentication. RSA is used for encryption and signing. If this is selected, create an RSA public and Private key in the SSH User Key Table block.
• By DSA Public Key – This option lets you use a DSA public key for user authentication. DSA is used for signing only. If this is selected, create a DSA public/private key in the SSH User Key Table block.

Step 3. Locate the Credentials area. In the Username field, enter the username.

Step 4. If By Password was selected in Step 2, click radio button for the desired password method in the Password field. The default password is “anonymous”.

The available options are described as follows:

• Encrypted – Enter an encrypted password.
• Plaintext – Enter a password as plain text.

Step 5. Click Apply to save the authentication configuration.

Step 6. (Optional) To restore the default username and password, click Restore Default Credentials. The default the password is “anonymous”.

Step 7. (Optional) To view the sensitive data as plaintext or as encrypted text, click Display Sensitive Data as Plaintext/Encrypted.

Note: The button’s name will alter depending on the current setting. The button will always toggle the display of the data.

SSH User Key Table

This section explains how to manage the SSH User Table.

Step 1. Navigate to the SSH User Key Table. In the list displayed, select the checkbox(es) left to the key that you wish to manage .

Step 2. (Optional) Click Generate to generate a new key. The new key overrides the selected key. A confirmation window will pop up. Click OK to continue.

Step 3. (Optional) Click Delete to delete the selected key. A confirmation window will pop up. Click OK to continue.

Step 4. (Optional) Click Details to view the details of the selected key.

The SSH User Key Details page appears. Click Back to return to the SSH User Key Table.

Step 5. Click Edit to edit the chosen key.

The Edit SSH Client Authentication Settings window opens:

Step 6. Select the desired key type from the Key Type drop-down list.

The available options are as follows:

• RSA – RSA is used for encryption and signing.
• DSA – DSA is used for signing only.

Step 7. In the Public Key field, you can edit the current public key.

Step 8. In the Private Key field, you can edit the current private key. Click the

Encrypted radio button to see the current private key as encrypted. Otherwise, click the Plaintext radio button to see the current private key as plain text.

Step 9. Click Apply to save your changes.