Changes between Version 13 and Version 14 of Internal/OpenFlow/QuickStart

Timestamp:

Aug 15, 2011, 4:55:32 PM (13 years ago)

Author:

akoshibe

Comment:

—

Internal/OpenFlow/QuickStart

@@ -17 +17 @@
   [#Ports 2.3 Ports] [[BR]]     
   [#Telnet 2.4 Telnet] [[BR]]
+  [#SSH 2.5 SSH] [[BR]]
  [#III III Miscellaneous Configuration Tasks] [[BR]]
   [#acls 3.1 ACLs and SNMP] [[BR]] 
@@ -229 +230 @@
 = II Basic Configuration Tasks = #II
 
-This chapter covers the basics of switch configuration. We will first take a look at some of the more important contexts available from configuration mode. The overview will be followed by a look at lower layer constructs (ports, VLANs, IP addresses) with respect to the switch, and how to configure these elements. This chapter will end with the configuration of telnet so that we can access the switch over the network.      
+This chapter covers the basics of switch configuration. We will first take a look at some of the more important contexts available from configuration mode. The overview will be followed by a look at lower layer constructs (ports, VLANs, IP addresses) with respect to the switch, and how to configure these elements. This chapter will end with the configuration of SSH access so that we can access the switch over the network securely.      
 
 == 2.1 Contexts == #Contexts
@@ -486 +487 @@
 == 2.4 Telnet == #Telnet 
 This section covers the steps needed to set up telnet access to your switch. Replace the VLAN ID's, IP addresses, and other parameters to fit your deployment.  
- 
+Telnet is not very secure, as it sends everything using plain-text. For a more secure connection method, take a look at [#SSH SSH].  
  1. Create a VLAN for telnet via the "vlan" context. For clarity (and good practice), we name our VLAN "telnet" so we know what it's used for. 
 {{{
@@ -513 +514 @@
 
 [#index return to index] 
-
+[[BR]][[BR]]
+
+== 2.5 SSH == #SSH
+Unlike Telnet, SSH encrypts messages to discourage eavesdropping. You must use a password protected local user account in order to access a switch via SSH. Here we cover the configuration of password-based SSH access. Other modes of authentication (e.g. public key)  are also available but won't be covered here. A detailed SSH configuration guide may be found at the NEC website.  
+ 1. Create a user account with `adduser`, as per [#accounts this section]. 
+ 1. From `configure` mode, enable SSHv2:
+{{{
+ip ssh
+ip ssh version 2
+ip ssh authentication password
+}}}    
+The first line enables SSH access to the switch by any local user with a password. The second line specifies the useage of SSH version 2, and the last, to use password-based authentication.  
+
+[#index return to index] 
 [[BR]][[BR]]
 ----
@@ -748 +762 @@
 ----
 = IV !OpenFlow Switching = #IV
-This section goes over the !OpenFlow aspects of the switch.  
+This section goes over the !OpenFlow aspects of the switch. This section mostly describes the old !OpenFlow capable firmware, 11.1.C. The production version of the firmware, 11.1.Ae, no longer requires the SD card other than for the install. For updated flashing/operation instructions, refer to the link [http://orbit-lab.org/wiki/Internal/OpenFlow/Firmware#Ae here]. 
 [[BR]]
 
@@ -1043 +1057 @@
 === 4.7. OF mode IP8800 and ORBIT === #orbitof
 This section is meant for the odds-and-ends with respect to ORBIT deployments of the IP8800 in !OpenFlow mode.
-
+ * SSH acess: user: native, passkey: geni101
  * ''kvm-big'': some of the VLANs on the IP8800 can be pointed to the Big Switch controller, at 172.16.0.14:6633. If doing so, don't forget to add the trunk as one of the virtual switch ports, e.g:
 {{{