SSH

 
SOLVED
YLTan
Frequent Advisor

SSH


My company is looking to set up a VPN using HP Secure Shell on all our HP servers, so all connections will be via SSH-2.

Do I need to make or check for changes on all the Cisco router and switch configurations to see if they are able to handle SSH-2?
tyl
8 REPLIES
Steve Steel
Honored Contributor
Solution

Re: SSH

Hi


I would check it all and look at

http://www.ssh.com/documents/31/ssh_sentinel_14_cisco_pix.pdf

As an example

Steve Steel
If you want truly to understand something, try to change it. (Kurt Lewin)
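
Added example, not part of any post in this thread: one way to check which devices answer with SSH-2 is to read each device's SSH identification string (RFC 4253, section 4.2) and classify its protocol version. The function names and the sample banners are constructed for illustration.

```python
import re
import socket

# Identification string format (RFC 4253, section 4.2):
#   SSH-protoversion-softwareversion SP comments CR LF
_BANNER = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")

def classify_banner(banner):
    """Return (protoversion, software, verdict) for one identification line."""
    m = _BANNER.match(banner.strip())
    if not m:
        return (None, None, "not-ssh")
    proto, software = m.group(1), m.group(2)
    if proto == "2.0":
        verdict = "ssh2-only"
    elif proto == "1.99":
        # 1.99 is the compatibility value: server speaks both SSH-2 and SSH-1
        verdict = "ssh2-and-ssh1"
    elif proto.startswith("1."):
        verdict = "ssh1-only"
    else:
        verdict = "unknown"
    return (proto, software, verdict)

def read_banner(host, port=22, timeout=5.0):
    """Connect and return the first line starting with 'SSH-'.
    Servers may send other text lines before the identification string."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rb")
        for _ in range(20):
            line = f.readline(256)
            if not line:
                break
            text = line.decode("ascii", "replace").rstrip("\r\n")
            if text.startswith("SSH-"):
                return text
    return ""

def audit(banners):
    """Map device name -> verdict; banners is {name: identification string}."""
    return {name: classify_banner(b)[2] for name, b in banners.items()}

# Constructed sample banners (hypothetical device names, not from the thread)
SAMPLE = {
    "core-router": "SSH-1.5-Cisco-1.25",
    "edge-switch": "SSH-1.99-Cisco-1.25",
    "hp-server": "SSH-2.0-OpenSSH_3.6.1p2",
    "telnet-only": "User Access Verification",
}
```

For a live inventory, pass the output of `read_banner(host)` for each device you administer into `audit` in place of `SAMPLE`.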
Sergejs Svitnevs
Honored Contributor

Re: SSH

The vulnerabilities of SSH in the Cisco devices can be found at:

http://www.cisco.com/warp/public/707/SSH-multiple-pub.html

Regards,
Sergejs
SSO Montgomery
Advisor

Re: SSH

You may wish to research OpenSSH. Their URL is:

http://www.openssh.com

It's free and seems to have fewer security findings.
Donny Jekels
Respected Contributor

Re: SSH

I am confused by your question.

Does your company want to set up a VPN solution and allow you to SSH into your Unix boxes?

Or do they want to set up a VPN solution using SSH through the internet?
I.e. users at home will SSH into your network with an SSH connection?

Please advise.
Donny
"Vision, is the art of seeing the invisible"
Shannon Petry
Honored Contributor

Re: SSH

Agreed with the previous post, your intentions are not clear.

Basically... SSH runs everything on port 22. If you're just using a Cisco as a gateway, then make sure port 22 is open for inbound and outbound traffic.

If you're intending on using the Cisco as a VPN device... I can't help you much there.


Regards,
Shannon
Microsoft. When do you want a virus today?
YLTan
Frequent Advisor

Re: SSH

Hi Shannon and Donny,

Thanks for the help.

We are looking into a VPN where business partners can connect to our systems, something like a user at home connecting to company systems.

What I don't know is, do Cisco routers and switches need any configuration for the VPN to work, or do they just treat it as pass-through?
tyl
Donny Jekels
Respected Contributor

Re: SSH

Hi,

For the best free VPN solution look at FreeS/WAN, and as for the VPN to work through your Cisco routers and/or firewalls, open UDP port 500.

Now here is the key: once you connect to your VPN server from your trusted Linux/Windows PC at home, you can establish an SSH session to any of your UNIX hosts inside your company's network through the existing VPN tunnel.

You will need to configure FreeS/WAN's own firewall (ipchains) to allow SSH (TCP port 22) through.

Done.
Enjoy,
Donny


"Vision, is the art of seeing the invisible"
Chris Vail
Honored Contributor

Re: SSH

Installing and using ssh on HP is easy. However, we use BOTH VPN and ssh. Our VPN solution is from Cisco, and we use the RSA SecurID system that involves a keyfob.

I've attached my standard document explaining how to configure and use ssh for HP. If you follow it precisely, it will make for a very seamless and transparent system.

Thanks to Chris Wong, who explained why Secure Shell under 11i is so much faster than under 11.0 and earlier.