Configuration Guide Vol. 1


11.1.4 SSH security-related functions

SSH has five features that use cryptographic techniques to ensure security.

  1. Host authentication

  2. User authentication

  3. Shared session key

  4. Encryption

  5. Message authentication (SSHv2 only)

This section describes each function.


(1) Host authentication

Host Authentication is the ability for SSH clients to authenticate SSH servers.

Each SSH server has its own host key pair. In SSHv1, the client encrypts the session key with the server's host public key, and the server proves its identity by being able to decrypt it with the host private key. In SSHv2, the server creates a digital signature over the key exchange data with the host private key, and the client verifies the signature with the host public key. The following table lists the public key algorithms and key sizes of host key pairs supported by the Switch.

Table 11-6: Public key algorithms and sizes of host key pairs supported by the Switch

SSH version  Public key algorithm  Key size (SSH server function)         Key size (SSH client function)
SSHv1        RSA                   1024bit                                1024bit~2048bit
SSHv2        ECDSA                 521bit (nistp521), 384bit (nistp384),  521bit (nistp521), 384bit (nistp384),
                                   256bit (nistp256)                      256bit (nistp256)
SSHv2        RSA                   1024bit, 2048bit, 3072bit, 4096bit     512bit~5120bit
SSHv2        DSA                   1024bit                                512bit~1536bit

The SSH server column gives the sizes the SSH server function of the Switch generates for its own host key pair; the SSH client column gives the sizes of server host keys the SSH client function of the Switch accepts when connecting.

By default, the SSH server function of the Switch generates a 1024-bit RSA host key pair for SSHv1 and a 2048-bit RSA host key pair for SSHv2. To use a key pair with a non-default algorithm or size, or to generate a new key pair, use the operation command set ssh hostkey. To remove the SSHv2 host key pairs of algorithms you do not need, use the operation command erase ssh hostkey. Note that the SSHv1 RSA host key pair cannot be deleted. A 1024-bit RSA key is below current recommendations; for SSHv2, prefer an RSA key of 2048 bits or more, or an ECDSA key.

The SSH client keeps the host public key of each server it has connected to before. When the client connects to an SSH server for the first time, or when the server's host public key has changed, it displays the fingerprint (hash value) of the host public key and asks the user to confirm that it is the correct key. By comparing the fingerprint displayed at connection time with the fingerprint of the server's host public key that was communicated to the user beforehand over a trusted path, spoofing of the server can be prevented. A fingerprint accepted without that comparison gives no protection against a server placed in the middle of the connection.

To display the host public key and its fingerprint for the SSH server function of the Switch, use the operation command show ssh hostkey. The following table shows the displayed information and its format.

Table 11-7: Host public key and fingerprint display format for the SSH server function

SSH version  Displayed information  Display format
SSHv1        Public key             SSHv1 format
             Fingerprint            SECSH (MD5) format (RFC 4716)
             Fingerprint            SHA256 format
SSHv2        Public key             OpenSSH format
             Fingerprint            SECSH (MD5) format (RFC 4716)
             Fingerprint            SHA256 format

The following table shows the format of the fingerprint that the SSH client function of the Switch displays when it connects to a server for the first time (an unknown host).

Table 11-8: Unknown host fingerprint display format for the SSH client function

SSH version  Displayed information  Display format
SSHv1        Fingerprint            SECSH (MD5) format (RFC 4716)
             Fingerprint            SHA256 format
SSHv2        Fingerprint            SECSH (MD5) format (RFC 4716)
             Fingerprint            SHA256 format

(2) User Authentication

User authentication is the function by which an SSH server authenticates the SSH client. The Switch supports the following two user authentication methods: public key authentication and password authentication.

The user authentication method used by SSH servers of the Switch can be set using the configuration command ip ssh authentication. Note that SSH client of the Switch supports only password-authentication.

(a) Public key authentication

This method authenticates a user with a public key algorithm. Each user has a key pair, and the user's public key is registered on the SSH server. In SSHv1, the server sends the client a challenge encrypted with the user's public key, and the client proves possession of the private key by decrypting it. In SSHv2, the client creates a digital signature with the user's private key, and the server authenticates the user by verifying the signature with the registered public key.

On the Switch, only the SSH server function supports public key authentication; the SSH client function does not. Public key authentication therefore cannot be used as the user authentication method when connecting from the Switch to another Switch by SSH.

The following table shows the public key algorithms and user public key sizes supported by the SSH server function of the Switch for user authentication.

Table 11-9: Algorithms and sizes of user public keys supported by the SSH server function of the Switch

SSH version  Public key algorithm  Size of the user public key
SSHv1        RSA                   512bit~2560bit
SSHv2        ECDSA                 521bit (nistp521), 384bit (nistp384), 256bit (nistp256)
SSHv2        RSA                   512bit~5120bit
SSHv2        DSA                   512bit~1536bit

SSH servers on the Switch use the configuration command ip ssh authkey to register the user public key. The following table lists the public key formats that can be registered.

Table 11-10: Format of public keys that can be registered

SSH version  Format that can be registered
SSHv1        SSHv1 public key file
             Numeric string indicating the public key in SSHv1 format
SSHv2        Public key file in SECSH (RFC 4716) format
             OpenSSH public key file
             String indicating the public key in SECSH or OpenSSH format
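Before registering a user public key with ip ssh authkey, or before trusting a host key fingerprint shown by a client, an operator wants to know what the key actually is. The following script is an added example, not code from the configuration guide or from the Switch: it parses an OpenSSH-format public key line, reports the algorithm and key size the way Table 11-9 counts them, and prints the two fingerprint formats of Tables 11-7 and 11-8 (SECSH/RFC 4716 MD5 colon-hex and OpenSSH SHA256 base64). The sample keys it builds use a synthetic RSA modulus and are constructed for the demonstration only; the accepted-size table and the fingerprint comparison helper are this example's own.

```python
"""Parse an OpenSSH-format public key, check its size against Table 11-9, and
produce the MD5 (SECSH, RFC 4716 style) and SHA256 (OpenSSH style) fingerprints
in the formats the Switch displays.

Added example, not code from the configuration guide. The keys it builds are
constructed samples (a synthetic RSA modulus), not real key pairs."""
import base64
import hashlib
import struct

# User public key sizes the SSHv2 server function accepts (Table 11-9).
ACCEPTED_BITS = {
    "ssh-rsa": range(512, 5121),
    "ssh-dss": range(512, 1537),
    "ecdsa-sha2-nistp256": {256},
    "ecdsa-sha2-nistp384": {384},
    "ecdsa-sha2-nistp521": {521},
}

def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data

def ssh_mpint(n: int) -> bytes:
    """RFC 4251 'mpint': big-endian two's complement, leading 0x00 if the top bit is set."""
    if n == 0:
        return ssh_string(b"")
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return ssh_string(raw)

def read_string(blob: bytes, off: int):
    (length,) = struct.unpack_from(">I", blob, off)
    off += 4
    return blob[off:off + length], off + length

def parse_openssh_pubkey(line: str):
    """Split 'ssh-rsa AAAA... comment' into (algorithm, wire-format blob, comment)."""
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("not an OpenSSH public key line")
    algo, comment = parts[0], (parts[2] if len(parts) == 3 else "")
    blob = base64.b64decode(parts[1], validate=True)
    wire_algo, _ = read_string(blob, 0)
    if wire_algo.decode() != algo:   # the type inside the blob must match the text
        raise ValueError(f"algorithm mismatch: {algo} vs {wire_algo!r}")
    return algo, blob, comment

def key_bits(algo: str, blob: bytes) -> int:
    """Key size as the size tables count it: |n| for RSA, |p| for DSA, curve size for ECDSA."""
    _, off = read_string(blob, 0)
    if algo == "ssh-rsa":
        _e, off = read_string(blob, off)          # public exponent e
        n, _ = read_string(blob, off)             # modulus n
        return int.from_bytes(n, "big").bit_length()
    if algo == "ssh-dss":
        p, _ = read_string(blob, off)             # prime p
        return int.from_bytes(p, "big").bit_length()
    if algo.startswith("ecdsa-sha2-nistp"):
        return int(algo[len("ecdsa-sha2-nistp"):])
    raise ValueError(f"unsupported algorithm {algo}")

def fingerprint_md5(blob: bytes) -> str:
    """SECSH (RFC 4716) style fingerprint: 16 colon-separated hex bytes of MD5(blob)."""
    return ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())

def fingerprint_sha256(blob: bytes) -> str:
    """OpenSSH style fingerprint: 'SHA256:' + unpadded base64 of SHA256(blob)."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def check_user_key(line: str) -> dict:
    """Algorithm, size, whether Table 11-9 accepts it, and both fingerprints."""
    algo, blob, comment = parse_openssh_pubkey(line)
    bits = key_bits(algo, blob)
    return {"algorithm": algo, "bits": bits, "accepted": bits in ACCEPTED_BITS.get(algo, ()),
            "md5": fingerprint_md5(blob), "sha256": fingerprint_sha256(blob), "comment": comment}

def fingerprints_match(shown: str, recorded: str) -> bool:
    """Compare the fingerprint a client shows on first connection with the one recorded
    earlier from 'show ssh hostkey'; ignores case and an optional 'MD5:' prefix."""
    def norm(s: str) -> str:
        s = s.strip().lower()
        return s[4:] if s.startswith("md5:") else s
    return norm(shown) == norm(recorded)

def make_sample_rsa_key(bits: int = 2048, comment: str = "operator@example") -> str:
    """Constructed sample: e = 65537 and a synthetic modulus with exactly `bits` bits.
    Not a real key; it only exercises the parser and the size check."""
    n = (1 << (bits - 1)) | 1
    blob = ssh_string(b"ssh-rsa") + ssh_mpint(65537) + ssh_mpint(n)
    return f"ssh-rsa {base64.b64encode(blob).decode()} {comment}"

if __name__ == "__main__":
    for size in (2048, 256):
        info = check_user_key(make_sample_rsa_key(size))
        print(f"{info['algorithm']} {info['bits']}bit accepted={info['accepted']}")
        print("  MD5   ", info["md5"])
        print("  SHA256", info["sha256"])
```

Both fingerprints are hashes of the same wire-format blob that follows the algorithm name in the key line, which is why a key shown in OpenSSH format by show ssh hostkey and the fingerprint a client displays can be compared directly; the 256-bit sample is rejected by the size check because it is below the 512bit lower bound of Table 11-9.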

(b) Password authentication

The SSH client sends the user name and password, and the SSH server checks them against the user account information held on the server, or by querying an authentication server such as RADIUS or TACACS+. Because the password is sent inside the already encrypted SSH channel, eavesdropping on the connection does not reveal it. Note that this protection depends on host authentication: if the user accepts an unverified host key fingerprint, a server impersonating the Switch receives the password.

The Switch supports password authentication for both the SSH server function and the SSH client function. However, a user account that has no password set cannot be authenticated by password on the SSH server of the Switch. To use password authentication as the user authentication method for SSH connections to the Switch, set a password for the user account.

(3) Shared session key

This function establishes the session key that both sides use as the symmetric key for encrypting and authenticating the secure communication channel between the server and the client. In SSHv1, the client generates the session key and sends it to the server encrypted with RSA public key cryptography as part of host authentication. In SSHv2, the key exchange method lets the server and the client each compute the same session key; the key itself is never transmitted.

The Switch allows you to select the key exchange method used by SSHv2 servers. To select the key exchange method, use the configuration command ip ssh key-exchange.
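What a key exchange method does, and how it ties into host authentication, is easier to see when carried out end to end. The following script is an added example, not code from the configuration guide or from the Switch: it runs a Diffie-Hellman exchange for both sides, computes the exchange hash H of RFC 4253 section 8 and the per-direction keys of section 7.2, and shows why an attacker who substitutes a key exchange value in transit is caught by the host key signature. It uses a toy group (p = 2^127 - 1, g = 2) so the arithmetic is instant; that group is not one of the groups a real ip ssh key-exchange setting selects and must never be used in practice. The version strings, KEXINIT payloads and host key blob are constructed stand-ins, and host_signature_verifies stands in for the real signature check.

```python
"""SSHv2 shared session key, walked through: Diffie-Hellman key exchange, the exchange
hash H, and the per-direction key derivation of RFC 4253 sections 7.2 and 8.

Added example, not code from the configuration guide. It uses a toy group
(p = 2^127 - 1, g = 2) so the arithmetic is instant; that group is NOT one of the
groups a real 'ip ssh key-exchange' setting selects and must not be used in practice.
The host key blob, version strings and KEXINIT payloads are constructed stand-ins."""
import hashlib
import secrets
import struct

P = (1 << 127) - 1          # toy prime (a Mersenne prime), far too small for real SSH
G = 2
HASH = hashlib.sha256       # HASH of a *-sha256 key exchange method

def ssh_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data

def ssh_mpint(n: int) -> bytes:
    if n == 0:
        return ssh_string(b"")
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return ssh_string(raw)

def exchange_hash(v_c, v_s, i_c, i_s, k_s, e, f, k) -> bytes:
    """H = HASH(V_C || V_S || I_C || I_S || K_S || e || f || K), RFC 4253 section 8.
    K_S is the server host public key, so H binds the session to the host key."""
    return HASH(ssh_string(v_c) + ssh_string(v_s) + ssh_string(i_c) + ssh_string(i_s)
                + ssh_string(k_s) + ssh_mpint(e) + ssh_mpint(f) + ssh_mpint(k)).digest()

def derive_key(k: int, h: bytes, letter: bytes, session_id: bytes, length: int) -> bytes:
    """K1 = HASH(K || H || X || session_id); Kn+1 = HASH(K || H || K1 || ... || Kn)."""
    out = HASH(ssh_mpint(k) + h + letter + session_id).digest()
    while len(out) < length:
        out += HASH(ssh_mpint(k) + h + out).digest()
    return out[:length]

# Letters from RFC 4253 section 7.2: separate IV, cipher and MAC keys per direction.
KEY_LETTERS = {"iv_c2s": b"A", "iv_s2c": b"B", "enc_c2s": b"C",
               "enc_s2c": b"D", "mac_c2s": b"E", "mac_s2c": b"F"}

def run_kex(tamper: bool = False) -> dict:
    """Run one Diffie-Hellman key exchange and return both sides' view of it.
    With tamper=True an attacker in the path substitutes its own f."""
    v_c, v_s = b"SSH-2.0-client", b"SSH-2.0-switch"        # constructed version strings
    i_c, i_s = b"KEXINIT-client", b"KEXINIT-server"         # constructed KEXINIT payloads
    k_s = b"constructed-host-public-key-blob"               # stands in for the host key

    # Client: picks x, sends e = g^x mod p.
    x = secrets.randbelow(P - 2) + 1
    e = pow(G, x, P)
    # Server: picks y, sends f = g^y mod p, computes K and H, signs H with the host private key.
    y = secrets.randbelow(P - 2) + 1
    f = pow(G, y, P)
    k_server = pow(e, y, P)
    h_server = exchange_hash(v_c, v_s, i_c, i_s, k_s, e, f, k_server)

    f_seen = pow(G, secrets.randbelow(P - 2) + 1, P) if tamper else f
    # Client: computes K = f^x mod p and its own H, then verifies the server's signature over H.
    k_client = pow(f_seen, x, P)
    h_client = exchange_hash(v_c, v_s, i_c, i_s, k_s, e, f_seen, k_client)
    session_id = h_client                                    # the first H becomes the session id
    keys = {name: derive_key(k_client, h_client, letter, session_id, 32)
            for name, letter in KEY_LETTERS.items()}
    return {"k_server": k_server, "k_client": k_client,
            "h_server": h_server, "h_client": h_client, "keys": keys}

def host_signature_verifies(view: dict) -> bool:
    """A signature over the server's H verifies on the client only if the client's H is
    identical; this equality check stands in for the real host key signature verification."""
    return view["h_server"] == view["h_client"]

if __name__ == "__main__":
    ok = run_kex()
    print("shared K equal:", ok["k_server"] == ok["k_client"],
          "signature ok:", host_signature_verifies(ok))
    print("enc_c2s:", ok["keys"]["enc_c2s"].hex())
    bad = run_kex(tamper=True)
    print("tampered f -> signature ok:", host_signature_verifies(bad))
```

The tampered run shows the dependency between functions (1) and (3): the substituted f gives the client a different K and therefore a different H, so the signature the server made over its own H no longer verifies, and the client aborts before any session key is used. That check is only as strong as the host key the client trusts, which is why the fingerprint comparison in (1) matters.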

(4) Encryption

This function encrypts the secure communication channel. Symmetric ciphers are used; in SSHv2, an authenticated-encryption cipher, which encrypts and authenticates the data in one operation, can also be selected.

The encryption methods accepted by the SSHv2 server function of the Switch can be restricted with the configuration command ip ssh ciphers. The encryption method used by the SSH client function can be specified with the -c parameter of the SSH client operation command. Because the negotiated cipher is the first in the client's preference list that the server also allows, removing weak ciphers from the server's list is what guarantees they are never used.

(5) Message authentication

This function authenticates the data of the secure channel. It exists only in SSHv2. Message authentication uses a message authentication code (MAC) computed over each packet together with its sequence number, so modified, reordered or replayed packets are detected. If an authenticated-encryption cipher is selected as the encryption method, the data is authenticated by that cipher instead of by a separate message authentication code.

The message authentication codes accepted by the SSHv2 server function of the Switch can be restricted with the configuration command ip ssh macs. The message authentication method used by the SSHv2 client function can be specified with the -m parameter of the SSH client operation command.
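The following script is an added example, not code from the configuration guide or from the Switch, showing what the MAC selected by ip ssh macs or -m does on the wire: it builds SSHv2 binary packets (RFC 4253 section 6), computes hmac-sha2-256 over the sequence number and the unencrypted packet as section 6.4 specifies, and shows a receiver rejecting a tampered packet and a replayed one. The MAC key, payloads and padding are constructed. Encryption is left out so the MAC check stays visible; in a real session the packet is also encrypted, and with an authenticated-encryption cipher the cipher's own tag replaces this MAC.

```python
"""SSHv2 message authentication on the binary packet protocol (RFC 4253 section 6.4):
mac = MAC(key, sequence_number || unencrypted_packet), checked by the receiver before
the packet is accepted.

Added example, not code from the configuration guide. It uses hmac-sha2-256; the key
and payloads are constructed. Encryption is omitted so the MAC check itself stays
visible; with an authenticated-encryption cipher the cipher's tag replaces this MAC."""
import hashlib
import hmac
import os
import struct

BLOCK = 16   # cipher block size the packet length must align to (e.g. aes128-ctr)

def build_packet(payload: bytes) -> bytes:
    """packet_length || padding_length || payload || random padding (>= 4 bytes, block aligned)."""
    pad = BLOCK - ((5 + len(payload)) % BLOCK)
    if pad < 4:
        pad += BLOCK
    body = struct.pack(">B", pad) + payload + os.urandom(pad)
    return struct.pack(">I", len(body)) + body

def compute_mac(key: bytes, seq: int, packet: bytes) -> bytes:
    """hmac-sha2-256 over the implicit 32-bit sequence number and the plaintext packet."""
    return hmac.new(key, struct.pack(">I", seq) + packet, hashlib.sha256).digest()

class Sender:
    def __init__(self, mac_key: bytes):
        self.mac_key, self.seq = mac_key, 0

    def send(self, payload: bytes):
        packet = build_packet(payload)
        mac = compute_mac(self.mac_key, self.seq, packet)
        self.seq = (self.seq + 1) & 0xFFFFFFFF   # never transmitted; both sides count packets
        return packet, mac

class Receiver:
    def __init__(self, mac_key: bytes):
        self.mac_key, self.seq = mac_key, 0

    def receive(self, packet: bytes, mac: bytes):
        """Return the payload, or None if the MAC fails (modified, reordered or replayed packet)."""
        expected = compute_mac(self.mac_key, self.seq, packet)
        if not hmac.compare_digest(expected, mac):   # constant-time compare
            return None
        self.seq = (self.seq + 1) & 0xFFFFFFFF
        (length,) = struct.unpack_from(">I", packet, 0)
        pad = packet[4]
        return packet[5:4 + length - pad]

def demo() -> dict:
    """Deliver a good packet, a tampered copy, the original, then a replay of the first."""
    key = os.urandom(32)     # constructed; in SSH this is the 'E'/'F' key from the key exchange
    tx, rx = Sender(key), Receiver(key)
    p1, m1 = tx.send(b"first")
    p2, m2 = tx.send(b"second")
    tampered = bytearray(p2)
    tampered[5] ^= 0x01      # flip one bit of the first payload byte, keep the original MAC
    return {
        "first": rx.receive(p1, m1),                  # accepted
        "tampered": rx.receive(bytes(tampered), m2),  # rejected, sequence number not advanced
        "second": rx.receive(p2, m2),                 # accepted
        "replay": rx.receive(p1, m1),                 # rejected: valid MAC, but for sequence number 0
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:9s} -> {result!r}")
```

The sequence number is what turns a per-packet integrity check into replay and reordering protection: the replayed first packet carries a MAC that is still correct for sequence number 0, but the receiver is now expecting sequence number 2, so the MAC no longer matches and the packet is dropped.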