40 configuring secure shell, 1 secure shell configuration – CANOGA PERKINS CanogaOS Configuration Guide User Manual

CanogaOS Configuration Guide

Proprietary & Confidential Canoga Perkins Metro Ethernet Switches

Page 321 of 350

40 Configuring Secure Shell

40.1 Secure Shell Configuration

The Secure Shell (SSH) is a protocol that provides a secure, remote connection to a device. SSH
provides more security for remote connections than Telnet does by providing strong encryption
when a device is authenticated. SSH supports the Data Encryption Standard (DES) encryption
algorithm, the Triple DES (3DES) encryption algorithm, and password-based user
authentication. The SSH feature has an SSH server and an SSH integrated client, which are
applications that run on the switch. You can use an SSH client to connect to a switch running the
SSH server. The SSH server works with the SSH client supported in this release and with SSH
clients. The SSH client also works with the SSH server supported in this release and with SSH
servers.

40.1.1 References
The SSH module is based on the following document:

RFC 4716,

RFC 4255, RFC 4256

40.1.2 Terminology
Following is a brief description of terms and concepts used to describe the SSH protocol:

RSA

Rivest, Shamir, and Adelman authentication.

DES

Data Encryption Standard.

3DES

Triple Data Encryption Standard.

40.1.3 Configuring the SSH Server
Beginning in privileged EXEC mode, follow these steps to configure the SSH server:

DUT#configure terminal

Enter the Configure mode.

DUT(config)#ip ssh server enable

Enable SSH server globally

DUT(config)#ip ssh server version all

(Optional) Configure the switch to run SSH Version 1
or SSH Version 2 or both.

• 1—Configure the switch to run SSH Version 1.

• 2—Configure the switch to run SSH Version 2.

• all—Configure the switch to run SSH Version 1 and