Enabling ssh remote access – D-Link DFL-2500 User Manual

Page 25


SSH (Secure Shell) CLI Access

The SSH (Secure Shell) protocol can be used to access the CLI over the network from a remote
host. SSH is a protocol primarily used for secure communication over insecure networks, providing
strong authentication and data integrity. Many SSH clients are freely available for almost all
hardware platforms.

NetDefendOS supports versions 1, 1.5 and 2 of the SSH protocol. SSH access is regulated by the
remote management policy in NetDefendOS and is disabled by default.
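
Since versions 1, 1.5 and 2 are all supported, it is useful to confirm which of them a gateway actually advertises once SSH management is enabled, for example where policy requires SSH-2 only. The following is an added example, not part of the D-Link manual: it classifies the server's SSH identification string (format from RFC 4253). The function names and the sample banners are constructed for illustration.

```python
import re
import socket

# RFC 4253 section 4.2: SSH-protoversion-softwareversion[ SP comments] CR LF
_IDENT = re.compile(rb"^SSH-([0-9.]+)-([\x21-\x7e]+)(?: (.*))?$")

def parse_ssh_ident(data: bytes) -> dict:
    """Classify the protocol versions a server's identification string advertises."""
    for raw in data.split(b"\n"):
        line = raw.rstrip(b"\r")
        if not line.startswith(b"SSH-"):
            continue  # a server may send free-text lines before the ident line
        m = _IDENT.match(line)
        if m is None or len(line) > 253:  # limit is 255 bytes including CR LF
            raise ValueError(f"malformed identification string: {line!r}")
        proto = m.group(1).decode("ascii")
        if proto == "2.0":
            majors = {2}
        elif proto == "1.99":  # SSH-2 server that also accepts SSH-1 clients
            majors = {1, 2}
        elif proto.startswith("1."):  # e.g. 1.5: SSH-1 only
            majors = {1}
        else:
            raise ValueError(f"unrecognised protoversion: {proto}")
        return {"proto": proto, "software": m.group(2).decode("ascii"),
                "majors": majors, "offers_v1": 1 in majors}
    raise ValueError("no SSH identification line received")

def fetch_ident(host: str, port: int = 22, timeout: float = 5.0) -> bytes:
    """Read from the management port until a complete SSH- line has arrived."""
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        while len(buf) < 4096:
            chunk = sock.recv(256)
            if not chunk:
                break
            buf += chunk
            if any(l.startswith(b"SSH-") for l in buf.split(b"\n")[:-1]):
                break
    return buf

# Constructed sample banners (not captured from a real device).
SAMPLES = [
    b"SSH-2.0-SampleSSHD_1.0\r\n",
    b"SSH-1.99-SampleSSHD_1.0\r\n",
    b"Authorized administrators only\r\nSSH-1.5-SampleSSHD_0.9\r\n",
]
# Live use: parse_ssh_ident(fetch_ident("<gateway address>"))
```

A result with `offers_v1` set to true means the server will still negotiate SSH-1 with clients that ask for it.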

Example 2.1. Enabling SSH Remote Access

This example shows how to enable remote SSH access from the lannet network through the lan interface by
adding a rule to the remote management policy.

CLI

gw-world:/> add RemoteManagement RemoteMgmtSSH ssh Network=lannet Interface=lan LocalUserDatabase=AdminUsers

Web Interface

1. Go to System > Remote Management > Add > Secure Shell Management

2. Enter a Name for the SSH remote management policy, e.g. ssh_policy

3. Select the following from the dropdown lists:

   User Database: AdminUsers

   Interface: lan

   Network: lannet

4. Click OK

Logging on to the CLI

When access to the NetDefendOS CLI has been established through the serial console or an SSH
client, the administrator will need to log on to the system before being able to execute any CLI
command. This authentication step is needed to ensure that only trusted users can access the system,
as well as to provide user information for auditing.

When accessing the CLI, the system will respond with a login prompt. Enter your username and
press Enter, followed by your password and then Enter again. After a successful logon you will see
the command prompt. If a welcome message has been set then it will be displayed directly after the
logon:

gw-world:/>

For security reasons, it can be advisable to disable or anonymize the CLI welcome message.

Changing the CLI Prompt

The default CLI prompt is

Device:/>

where Device is the model number of the D-Link Firewall. This can be customized, for example, to
gw-world:/>, by using the CLI command:

2.1.3. The CLI

Chapter 2. Management and Maintenance
