SSH and ip authorized-managers on HP5304XL

The ip authorized-managers command doesn't stop access to the switch if you are using SSH instead of telnet, from what I have seen.

Is this a bug or a feature?

Possibly this applies to other platforms than the 5304XL that I have tried it on.

/Magnus
The Real MD
Valued Contributor

Re: SSH and ip authorized-managers on HP5304XL

SSH uses public/private key encryption and hence the password cannot be sniffed from the network. The assumption is made that if you know the password then you have been authorised to login. Telnet uses clear text passwords over the network so another layer of security is used, in this case IP address.


hope this helps

Martin.

Re: SSH and ip authorized-managers on HP5304XL

Of course it is encrypted and so on, but if you can reach the service there is a possibility to make an attack through that service. And there is the possibility that there is a security bug in the service; it has happened before with SSH, and it will probably happen again.

/Magnus
Ardon
Trusted Contributor

Re: SSH and ip authorized-managers on HP5304XL

Hi Magnus,

We just fixed this issue on the 25XX platform. So what code was your 53XX running? If you are running E.08.01 I will post a PR (problem report) at the US lab.

Ardon
ProCurve Networking Engineer

Re: SSH and ip authorized-managers on HP5304XL

Right now we are actually running 8.03 because of some bugs in 8.01. It is not an official release yet but we had the same problem in 8.01 I think.
Is there the same problem in the 41xxGL-series?

/Magnus
Ardon
Trusted Contributor

Re: SSH and ip authorized-managers on HP5304XL

Hi Magnus,

I checked with both E.08.01 and E.08.03 and could not confirm your observed behavior. In other words, I would configure SSH Access and verify that I had access. Then I would configure an Authorized IP Manager which was NOT my client's IP and indeed I did NOT get access anymore. Maybe there was a problem with your Wildcard setting?
Please mention to me the Client's IP and the Config of the Switch and I will check again.
Regards, Ardon
ProCurve Networking Engineer