Configuring ssh server – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual
Page 258
240
Multi-Service IronWare Security Configuration Guide
53-1003035-02
SSH server version 2 support
5
•
Data integrity is ensured with the hmac-sha1 algorithm.
•
Supported authentication methods are Password and publickey.
•
Sixteen inbound SSH server connections at one time are supported.
•
One outbound SSH server
•
Outbound SSH clients
•
Compression is not supported.
•
TCP or IP port forwarding, X11 forwarding, and secure file transfer are not supported.
•
SSH server version 1 is not supported.
•
SCP supports AES encryption.
Configuring SSH server
The implementation of SSH server supports three kinds of user authentication:
•
DSA challenge-response authentication, where a collection of public keys are stored on the
device. Only clients with a private key that corresponds to one of the stored public keys can
gain access to the device using SSH server.
•
RSA challenge-response authentication, where a collection of public keys are stored on the
device. Only clients with a private key that corresponds to one of the stored public keys can
gain access to the device using SSH server.
•
Password authentication, where users attempting to gain access to the device using an SSH
client are authenticated with passwords stored on the device or on a TACACS or TACACS+ or
RADIUS server.
User authentication is enabled by default. You can configure the device to use any number of them.
To configure Secure Shell on a device, perform the following tasks.
1. Generate a host DSA or RSA public and private key pair for the device.
“show ip ssh config command output information.”
2. Configure DSA or RSA challenge-response authentication.
“Configuring DSA public key authentication”
3. Set optional parameters.
You can also view information about active SSH server connections on the device as well as
terminate them.
To display SSH server configuration information, use the following command: