Secure shell commands, Table 21-10 – Edge Products ES3528-WDM User Manual
Page 351
Secure Shell Commands
21-15
21
Secure Shell Commands
This section describes the commands used to configure the SSH server. Note that
you also need to install a SSH client on the management station when using this
protocol to configure the switch.
Note:
The switch supports both SSH Version 1.5 and 2.0 clients.
Configuration Guidelines
The SSH server on this switch supports both password and public key
authentication. If password authentication is specified by the SSH client, then the
password can be authenticated either locally or via a RADIUS or TACACS+ remote
authentication server, as specified by the authentication login command on
page 21-4. If public key authentication is specified by the client, then you must
configure authentication keys on both the client and the switch as described in the
following section. Note that regardless of whether you use public key or password
authentication, you still have to generate authentication keys on the switch and
enable the SSH server.
Table 21-10 Secure Shell Commands
Command
Function
Mode
Page
ip ssh server
Enables the SSH server on the switch
GC
ip ssh timeout
Specifies the authentication timeout for the SSH server
GC
ip ssh
authentication-retries
Specifies the number of retries allowed by a client
GC
ip ssh server-key size Sets the SSH server key size
GC
copy tftp public-key
Copies the user’s public key from a TFTP server to the switch PE
delete public-key
Deletes the public key for the specified user
PE
ip ssh crypto host-key
generate
Generates the host key
PE
ip ssh crypto zeroize
Clear the host key from RAM
PE
ip ssh save host-key
Saves the host key from RAM to flash memory
PE
disconnect
Terminates a line connection
PE
show ip ssh
Displays the status of the SSH server and the configured values
for authentication timeout and retries
PE
show ssh
Displays the status of current SSH sessions
PE
show public-key
Shows the public key for the specified user or for the host
PE
show users
Shows SSH users, including privilege level and public key type PE