Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Management Access for the SRX550 Services Gateway

 

Telnet allows you to connect to the SRX550 Services Gateway and access the CLI to execute commands from a remote system. Telnet connections are not encrypted and therefore can be intercepted.

Note

You cannot use Telnet to access the root account. You must use more secure methods, such as SSH, to log in as root.



SSH provides the following features:

  • Allows you to connect to the services gateway and to access the CLI to execute commands from a remote system

  • Unlike Telnet, encrypts traffic so that it cannot be intercepted

  • Can be configured so that connections are authenticated by a digital certificate

  • Uses public–private key technology for both connection and authentication

The SSH client software must be installed on the machine where the client application runs. If the SSH private key is encrypted (for greater security), the SSH client must be able to access the passphrase used to decrypt the key.

For information about enabling remote access, see Enabling Remote Access.

For information about obtaining SSH software, see http://www.ssh.com and http://www.openssh.com.

If you are using a Junos XML protocol server to configure and monitor devices, you can activate cleartext access on the services gateway to allow unencrypted text to be sent directly over a TCP connection without using any additional protocol (such as SSH, SSL, or Telnet). For more information about the Junos XML management protocol, see the Junos XML Management Protocol Guide  .

Note

Information sent in cleartext is not encrypted and therefore can be intercepted.

If the services gateway is operating in a Common Criteria environment, see the Configuration Guides for Junos OS Public Sector Certifications.