9.1.4 SSH security-related functions
SSH provides the following five security functions, each based on cryptographic techniques:
- Host authentication
- User authentication
- Shared session key
- Encryption
- Message authentication (SSHv2 only)
This section describes each function.
(1) Host authentication
Host authentication is the function by which an SSH client authenticates an SSH server.
Each SSH server has its own host key pair. In SSHv1, the client authenticates the server through an exchange that uses public-key cryptography with the server's host public key. In SSHv2, the server proves its identity by creating a digital signature with its host private key, and the client verifies the signature with the host public key. The following table lists the host public key algorithms and key sizes supported by the Switch.
| SSH version | Public key algorithm | Key size (SSH server function) | Key size (SSH client function) |
|---|---|---|---|
| SSHv1 | RSA | 1024 bit | 1024 bit to 2048 bit |
| SSHv2 | ECDSA | 521 bit (nistp521), 384 bit (nistp384), 256 bit (nistp256) | 521 bit (nistp521), 384 bit (nistp384), 256 bit (nistp256) |
| SSHv2 | RSA | 1024 bit, 2048 bit, 3072 bit, 4096 bit | 512 bit to 5120 bit |
| SSHv2 | DSA | 1024 bit | 512 bit to 1536 bit |
By default, the SSH server function of the Switch generates a 1024-bit RSA host key pair for SSHv1 and a 2048-bit RSA host key pair for SSHv2. To use a key pair other than the default, or to generate a new key pair, use the operation command set ssh hostkey. To remove SSHv2 host key pairs for algorithms you do not need, use the operation command erase ssh hostkey. Note that the SSHv1 RSA host key pair cannot be deleted.
The SSH client keeps the host public key of each server it has connected to before. When connecting to an SSH server for the first time, or when the server's host public key has changed, the SSH client displays the fingerprint (hash value) of the public key and asks the user to confirm that it is the correct key. By comparing the fingerprint that was communicated to the user beforehand, out of band, with the fingerprint displayed at connection time, the user can detect a spoofed server. A fingerprint that differs from the one previously recorded, on a server whose host key was not deliberately regenerated, should be treated as a possible man-in-the-middle attack rather than accepted.
To display the host public key and its fingerprint for the SSH server function of the Switch, use the operation command show ssh hostkey. The following table shows the displayed information and its format.
| SSH version | Displayed information | Display format |
|---|---|---|
| SSHv1 | Public key | SSHv1 format |
| SSHv1 | Fingerprint | SECSH (MD5) format (RFC 4716) |
| SSHv1 | Fingerprint | SHA256 format |
| SSHv2 | Public key | OpenSSH format |
| SSHv2 | Fingerprint | SECSH (MD5) format (RFC 4716) |
| SSHv2 | Fingerprint | SHA256 format |
The following table shows the format of the fingerprint displayed when the SSH client function of the Switch connects to a server for the first time.
| SSH version | Displayed information | Display format |
|---|---|---|
| SSHv1 | Fingerprint | SECSH (MD5) format (RFC 4716) |
| SSHv1 | Fingerprint | SHA256 format |
| SSHv2 | Fingerprint | SECSH (MD5) format (RFC 4716) |
| SSHv2 | Fingerprint | SHA256 format |
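As an added example (not from this manual and not the Switch's own code), the following Python script computes both fingerprint formats listed above, SECSH (MD5, RFC 4716) and SHA256, from an OpenSSH-format host public key line, and checks a fingerprint that was communicated out of band against them. The sample RSA key, its comment string and the function names are constructed for illustration; in practice you would paste the OpenSSH-format line shown by show ssh hostkey.

```python
"""Check an SSH server's host key fingerprint in the two formats the Switch displays.

Added example, not from the manual and not the Switch's own code; standard library only.
The sample RSA key is CONSTRUCTED (a 64-bit stand-in modulus, unusable as a real key) so
the script runs offline; paste the OpenSSH-format line from `show ssh hostkey` instead.
"""
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def ssh_mpint(n: int) -> bytes:
    """RFC 4251 'mpint' for n >= 0; the extra byte keeps a leading 0x00 when the top bit is set."""
    return ssh_string(n.to_bytes((n.bit_length() + 8) // 8, "big"))


def rsa_public_blob(e: int, n: int) -> bytes:
    """Wire encoding of an ssh-rsa public key: string 'ssh-rsa', mpint e, mpint n (RFC 4253 6.6)."""
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)


def parse_openssh_line(line: str) -> tuple:
    """'<type> <base64 blob> [comment]' -> (type, blob); the type must match what the blob says."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key type> <base64 blob> [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    (type_len,) = struct.unpack_from(">I", blob, 0)
    if blob[4:4 + type_len].decode("ascii") != key_type:
        raise ValueError("key type field does not match the encoded key")
    return key_type, blob


def md5_fingerprint(blob: bytes) -> str:
    """SECSH fingerprint (RFC 4716 section 4): MD5 of the blob as colon-separated hex."""
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))


def sha256_fingerprint(blob: bytes) -> str:
    """OpenSSH SHA256 fingerprint: 'SHA256:' + base64 of SHA-256 of the blob, padding removed."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def normalize(fp: str) -> str:
    """Tolerate the ways a fingerprint is written down: 'MD5:' prefix, upper-case hex, '=' padding."""
    fp = fp.strip()
    if fp.upper().startswith("MD5:"):
        fp = fp[4:]
    if fp.startswith("SHA256:"):
        return fp.rstrip("=")      # base64 is case-sensitive: only drop padding
    return fp.lower()


def host_key_matches(openssh_line: str, announced: str) -> bool:
    """True only if the fingerprint announced out of band (either format) matches the key."""
    _, blob = parse_openssh_line(openssh_line)
    return normalize(announced) in (md5_fingerprint(blob), sha256_fingerprint(blob))


# Constructed sample: public exponent 65537 and a toy modulus, labelled like a switch host key.
SAMPLE_N = 0xC0FFEE1234567891
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(rsa_public_blob(65537, SAMPLE_N)).decode("ascii") + " switch-hostkey"

if __name__ == "__main__":
    _, blob = parse_openssh_line(SAMPLE_LINE)
    print("MD5   ", md5_fingerprint(blob))
    print("SHA256", sha256_fingerprint(blob))
    # The value the administrator was given out of band decides; a mismatch means do not connect.
    print("match:", host_key_matches(SAMPLE_LINE, sha256_fingerprint(blob)))
    print("spoof:", host_key_matches(SAMPLE_LINE, "SHA256:" + "A" * 43))
```

The MD5 form is what older tools and the SECSH format print; the SHA256 form is what current OpenSSH clients show. Either can be used for the comparison, but the fingerprint must come from a channel the attacker does not control (the console, or a value read off the switch by show ssh hostkey), not from the connection being verified.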
(2) User Authentication
User authentication is the function by which an SSH server authenticates an SSH client (the user). The Switch supports the following two user authentication methods:
- Public key authentication
- Password authentication
The user authentication method used by the SSH server function of the Switch is set with the configuration command ip ssh authentication. Note that the SSH client function of the Switch supports only password authentication.
(a) Public key authentication
This method authenticates a user with a public key algorithm. Each user has a key pair, and the user's public key is registered on the SSH server. In SSHv1, the server sends the client a challenge encrypted with the user's public key, and the user is authenticated when the client proves it could decrypt the challenge with the corresponding private key. In SSHv2, the client creates a digital signature with the user's private key, and the server authenticates the user by verifying the signature with the registered public key.
On the Switch, only the SSH server function supports public key authentication; the SSH client function does not. Consequently, public key authentication cannot be used as the user authentication method when connecting by SSH from the Switch to another Switch.
The following table lists the public key algorithms and user public key sizes supported by the SSH server function of the Switch for user authentication.
| SSH version | Public key algorithm | Size of the user public key |
|---|---|---|
| SSHv1 | RSA | 512 bit to 2560 bit |
| SSHv2 | ECDSA | 521 bit (nistp521), 384 bit (nistp384), 256 bit (nistp256) |
| SSHv2 | RSA | 512 bit to 5120 bit |
| SSHv2 | DSA | 512 bit to 1536 bit |
On the SSH server function of the Switch, user public keys are registered with the configuration command ip ssh authkey. The following table lists the public key formats that can be registered.
| SSH version | Format that can be registered |
|---|---|
| SSHv1 | SSHv1 public key file |
| SSHv1 | Numeric string representing the public key in SSHv1 format |
| SSHv2 | Public key file in SECSH (RFC 4716) format |
| SSHv2 | OpenSSH public key file |
| SSHv2 | String representing the public key in SECSH or OpenSSH format |
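As an added example (not from this manual and not the Switch's own code), the following Python script converts an SSHv2 user public key between the two file formats in the table above, SECSH (RFC 4716) and OpenSSH, and checks that the key's algorithm and size fall within the SSHv2 user key table before it is registered with ip ssh authkey. The sample ECDSA key is constructed (its point bytes are a counter, not a real curve point) so the script runs offline; the user name, the function names and the ACCEPTED table are this example's own.

```python
"""Convert a user public key between SECSH (RFC 4716) and OpenSSH formats and check it
against the SSHv2 user public key table before registering it with `ip ssh authkey`.

Added example, not from the manual and not the Switch's own code; standard library only.
The sample key is CONSTRUCTED (the point is a byte counter, not a real curve point).
"""
import base64
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"

# Algorithms the manual lists for SSHv2 user public keys and the sizes it accepts (min, max bits).
ACCEPTED = {"ecdsa-sha2-nistp256": (256, 256), "ecdsa-sha2-nistp384": (384, 384),
            "ecdsa-sha2-nistp521": (521, 521), "ssh-rsa": (512, 5120), "ssh-dss": (512, 1536)}


def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def read_string(blob: bytes, off: int) -> tuple:
    """Read one RFC 4251 string at offset `off`; return (data, next offset)."""
    (n,) = struct.unpack_from(">I", blob, off)
    return blob[off + 4:off + 4 + n], off + 4 + n


def key_type_and_bits(blob: bytes) -> tuple:
    """Algorithm name from the blob, and the key size the manual's table is measured in."""
    name, off = read_string(blob, 0)
    key_type = name.decode("ascii")
    if key_type.startswith("ecdsa-sha2-nistp"):          # size follows from the curve name
        return key_type, int(key_type[len("ecdsa-sha2-nistp"):])
    mp, off = read_string(blob, off)                     # ssh-dss: p;  ssh-rsa: e
    if key_type == "ssh-rsa":
        mp, off = read_string(blob, off)                 # ssh-rsa: n is the second mpint
    return key_type, int.from_bytes(mp, "big").bit_length()


def parse_openssh(text: str) -> tuple:
    """'<type> <base64> [comment]' -> (blob, comment); the type field must match the blob."""
    fields = text.strip().split(maxsplit=2)
    if len(fields) < 2:
        raise ValueError("expected '<key type> <base64 blob> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    if key_type_and_bits(blob)[0] != fields[0]:
        raise ValueError("key type field does not match the encoded key")
    return blob, fields[2] if len(fields) == 3 else ""


def parse_rfc4716(text: str) -> tuple:
    """SECSH public key file (RFC 4716) -> (blob, comment)."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing SECSH BEGIN/END markers")
    headers, i = {}, 1
    while i < len(lines) - 1 and ":" in lines[i]:        # base64 never contains ':'
        tag, value = lines[i].split(":", 1)
        while value.endswith("\\"):                       # header continuation (section 3.3)
            i += 1
            value = value[:-1] + lines[i]
        headers[tag.strip()] = value.strip()
        i += 1
    blob = base64.b64decode("".join(lines[i:-1]), validate=True)
    return blob, headers.get("Comment", "").strip('"')


def to_openssh(blob: bytes, comment: str = "") -> str:
    """One-line OpenSSH form: '<type> <base64> [comment]'."""
    b64 = base64.b64encode(blob).decode("ascii")
    return " ".join(f for f in (key_type_and_bits(blob)[0], b64, comment) if f)


def to_rfc4716(blob: bytes, comment: str = "") -> str:
    """SECSH form: markers, optional Comment header, base64 body wrapped at 72 chars (section 3.4)."""
    b64 = base64.b64encode(blob).decode("ascii")
    out = [BEGIN]
    if comment:
        out.append(f'Comment: "{comment}"')
    out += [b64[i:i + 72] for i in range(0, len(b64), 72)]
    out.append(END)
    return "\n".join(out) + "\n"


def check_registrable(blob: bytes) -> str:
    """'OK: ...' if algorithm and size are in the SSHv2 user key table, else 'REJECT: ...'."""
    key_type, bits = key_type_and_bits(blob)
    if key_type not in ACCEPTED:
        return f"REJECT: {key_type} is not accepted for SSHv2 user authentication"
    lo, hi = ACCEPTED[key_type]
    if not lo <= bits <= hi:
        return f"REJECT: {key_type} key of {bits} bits is outside {lo}-{hi} bits"
    return f"OK: {key_type} {bits} bits"


# Constructed sample with the nistp256 blob layout (RFC 5656 section 3.1): type, curve, point.
SAMPLE_BLOB = (ssh_string(b"ecdsa-sha2-nistp256") + ssh_string(b"nistp256")
               + ssh_string(b"\x04" + bytes(range(1, 65))))
SAMPLE_OPENSSH = to_openssh(SAMPLE_BLOB, "alice@example.com")

if __name__ == "__main__":
    print(check_registrable(SAMPLE_BLOB))
    secsh = to_rfc4716(*parse_openssh(SAMPLE_OPENSSH))
    print(secsh, to_openssh(*parse_rfc4716(secsh)), sep="")
```

The conversion does not touch the key material: both formats carry the same base64-encoded blob, and the blob's own leading type string is what the check trusts, not the text around it. Keys of an algorithm the table does not list (for example ssh-ed25519) are reported as rejected before anyone tries to register them.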
(b) Password authentication
The SSH client sends a user name and password, and the SSH server verifies them against the user account information held on the server, or by querying an authentication server such as RADIUS or TACACS+. Because SSH encrypts the session before the credentials are sent, eavesdropping on the connection does not reveal the password. Note that this does not protect against a spoofed server; detecting one is the role of host authentication.
The Switch supports password authentication for both the SSH server and SSH client functions. However, a user who has no password set cannot be authenticated by password on the SSH server function of the Switch. To use password authentication as the user authentication method for SSH connections to the Switch, set a password for the user account.
(3) Shared session key
This function establishes the session key that serves as the symmetric key for encryption and message authentication on the secure channel between server and client. In SSHv1, the client generates the session key and sends it to the server encrypted with RSA public-key cryptography during host authentication. In SSHv2, the key exchange method lets the server and the client each derive the same session key without the key itself ever being transmitted.
The Switch lets you select the key exchange method used by the SSHv2 server function. To select the key exchange method, use the configuration command ip ssh key-exchange.
(4) Encryption
This function encrypts the data on the secure channel. Symmetric ciphers are used; SSHv2 can also use authenticated encryption ciphers, which protect integrity as well as confidentiality.
The Switch can restrict the ciphers offered by the SSHv2 server function with the configuration command ip ssh ciphers. The cipher used by the SSH client function can be specified with the -c parameter of the SSH client operation command.
(5) Message authentication
This function authenticates the data on the secure channel and exists only in SSHv2. It uses a message authentication code (MAC). If an authenticated encryption cipher is selected as the encryption method, the data is authenticated by that cipher instead, and the negotiated MAC is not used for that direction.
The message authentication codes accepted by the SSHv2 server function can be restricted with the configuration command ip ssh macs. The MAC used by the SSHv2 client function can be specified with the -m parameter of the SSH client operation command.
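The three settings above (ip ssh key-exchange, ip ssh ciphers, ip ssh macs) all act on the same protocol step: the SSH_MSG_KEXINIT exchange, in which each side lists the algorithms it accepts and the client's order of preference decides among those the server also lists. As an added example (not from this manual and not the Switch's own code), the following Python script builds and parses KEXINIT payloads per RFC 4253 section 7.1 and runs that negotiation, so you can see what a restricted server leaves a client with, and why a MAC setting is irrelevant when an authenticated encryption cipher is chosen (the script skips MAC selection for such ciphers, as OpenSSH does). The algorithm lists are constructed to illustrate the rule; they are not the Switch's actual defaults, and the script assumes nothing about the command options beyond the names given in the text.

```python
"""Negotiate SSH_MSG_KEXINIT (RFC 4253 section 7.1) to show what the server-side
restrictions ip ssh key-exchange, ip ssh ciphers and ip ssh macs decide for a client.

Added example, not from the manual and not the Switch's own code; standard library only.
The algorithm lists below are CONSTRUCTED to illustrate the negotiation rule; they are
not the Switch's actual defaults and imply nothing about its command syntax.
"""
import os
import struct

SSH_MSG_KEXINIT = 20
# Name-list fields of KEXINIT in wire order (RFC 4253 section 7.1).
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")
# Authenticated-encryption ciphers supply integrity themselves, so no MAC is negotiated for
# that direction (RFC 5647 for AES-GCM; OpenSSH's chacha20-poly1305@openssh.com).
AEAD_CIPHERS = {"aes128-gcm@openssh.com", "aes256-gcm@openssh.com", "chacha20-poly1305@openssh.com"}
AEAD_MARK = "(integrity from AEAD cipher)"

def name_list(names) -> bytes:
    """RFC 4251 'name-list': uint32 length, then comma-separated ASCII names."""
    data = ",".join(names).encode("ascii")
    return struct.pack(">I", len(data)) + data

def profile(kex, host_key, enc, mac) -> dict:
    """KEXINIT list set offering the same ciphers and MACs in both directions, no compression."""
    return {"kex": kex, "host_key": host_key, "enc_c2s": enc, "enc_s2c": enc,
            "mac_c2s": mac, "mac_s2c": mac, "comp_c2s": ["none"], "comp_s2c": ["none"]}

def build_kexinit(lists: dict, cookie: bytes = b"") -> bytes:
    """Serialize a KEXINIT payload: byte 20, 16-byte cookie, ten name-lists, boolean, uint32 0."""
    cookie = cookie or os.urandom(16)
    body = b"".join(name_list(lists.get(f, [])) for f in FIELDS)
    return bytes([SSH_MSG_KEXINIT]) + cookie + body + b"\x00" + b"\x00\x00\x00\x00"

def parse_kexinit(payload: bytes) -> dict:
    """Inverse of build_kexinit: skip the cookie and return the ten name-lists as Python lists."""
    if payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT message")
    off, out = 17, {}
    for f in FIELDS:
        (n,) = struct.unpack_from(">I", payload, off)
        raw = payload[off + 4:off + 4 + n].decode("ascii")
        out[f] = raw.split(",") if raw else []
        off += 4 + n
    return out

def choose(client: list, server: list) -> str:
    """Section 7.1 rule: the first name on the client's list that the server also lists."""
    for name in client:
        if name in server:
            return name
    raise ValueError(f"no common algorithm: client {client} vs server {server}")

def negotiate(client_payload: bytes, server_payload: bytes) -> dict:
    """Pick every algorithm for the session (the host-key/kex compatibility rule is simplified away)."""
    c, s = parse_kexinit(client_payload), parse_kexinit(server_payload)
    result = {}
    for f in FIELDS[:8]:                                  # language lists are normally empty
        if f.startswith("mac_") and result["enc_" + f[4:]] in AEAD_CIPHERS:
            result[f] = AEAD_MARK                         # ip ssh macs plays no part here
            continue
        result[f] = choose(c[f], s[f])
    return result

def refuses(client_lists: dict, server_lists: dict) -> bool:
    """True if the two sides cannot agree, i.e. the connection fails at key exchange."""
    try:
        negotiate(build_kexinit(client_lists), build_kexinit(server_lists))
        return False
    except ValueError:
        return True

# A current client, listing its preferences first; an old client that only speaks deprecated algorithms.
MODERN_CLIENT = profile(["curve25519-sha256", "ecdh-sha2-nistp256", "diffie-hellman-group14-sha256",
                         "diffie-hellman-group1-sha1"], ["ecdsa-sha2-nistp256", "rsa-sha2-256", "ssh-rsa"],
                        ["aes256-gcm@openssh.com", "aes256-ctr", "aes128-ctr", "aes128-cbc"], ["hmac-sha2-256", "hmac-sha1"])
LEGACY_CLIENT = profile(["diffie-hellman-group1-sha1"], ["ssh-rsa"], ["aes128-cbc", "3des-cbc"], ["hmac-sha1", "hmac-md5"])
# A server left permissive (SHA-1 group1 kex, CBC ciphers, MD5 MACs) and one restricted to modern choices.
SERVER_PERMISSIVE = profile(["diffie-hellman-group1-sha1", "diffie-hellman-group14-sha1",
                             "diffie-hellman-group14-sha256", "ecdh-sha2-nistp256"], ["ssh-rsa", "ecdsa-sha2-nistp256"],
                            ["3des-cbc", "aes128-cbc", "aes256-ctr", "aes256-gcm@openssh.com"], ["hmac-md5", "hmac-sha1", "hmac-sha2-256"])
SERVER_HARDENED = profile(["ecdh-sha2-nistp256", "diffie-hellman-group14-sha256"], ["ecdsa-sha2-nistp256", "rsa-sha2-256"],
                          ["aes256-ctr", "aes128-ctr"], ["hmac-sha2-256"])

if __name__ == "__main__":
    for cname, client in (("modern", MODERN_CLIENT), ("legacy", LEGACY_CLIENT)):
        for sname, server in (("permissive", SERVER_PERMISSIVE), ("hardened", SERVER_HARDENED)):
            try:
                r = negotiate(build_kexinit(client), build_kexinit(server))
                print(f"{cname}/{sname}: kex={r['kex']} enc={r['enc_c2s']} mac={r['mac_c2s']}")
            except ValueError as err:
                print(f"{cname}/{sname}: refused ({err})")
```

Two points the output makes visible: the server's list order does not matter, only what it contains, because the client's preference order is what the rule follows; and a server that keeps legacy algorithms in its lists will still be driven to them by a legacy client, so removing them with ip ssh key-exchange, ip ssh ciphers and ip ssh macs is what actually shuts that door, at the cost of refusing such clients.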