Setting the ssh login timeout value, Configuring maximum idle time for ssh sessions – Brocade BigIron RX Series Configuration Guide User Manual

Page 1078

Advertising
background image

1000

BigIron RX Series Configuration Guide

53-1002484-04

Configuring SSH

31

Setting the SSH login timeout value

When the SSH server attempts to negotiate a session key and encryption method with a connecting
client, it waits a maximum of 120 seconds for a response from the client. If there is no response
from the client after 120 seconds, the SSH server disconnects. You can change this timeout value
to between 1 – 120 seconds. For example, to change the timeout value to 60 seconds.

BigIron RX(config)# ip ssh timeout 60

Syntax: ip ssh timeout <seconds>

Designating an interface as the source for all SSH packets

You can designate a loopback interface, virtual interface, or Ethernet port as the source for all SSH
packets from the device. The software uses the IP address with the numerically lowest value
configured on the port or interface as the source IP address for SSH packets originated by the
device.

NOTE

When you specify a single SSH source, you can use only that source address to establish SSH
management sessions with the device.

To specify the numerically lowest IP address configured on a loopback interface as the device’s
source for all SSH packets, enter commands such as the following.

BigIron RX(config)# int loopback 2

BigIron RX(config-lbif-2)# ip address 10.0.0.2/24

BigIron RX(config-lbif-2)# exit

BigIron RX(config)# ip ssh source-interface loopback 2

The commands in this example configure loopback interface 2, assign IP address 10.0.0.2/24 to
the interface, then designate the interface as the source for all SSH packets from the device.

Syntax: ip ssh source-interface ethernet <slot/port> | loopback <num> | ve <num>

The <num> parameter is a loopback interface or virtual interface number. The <slot/port>
parameter specifies an ethernet port number. For example.

BigIron RX(config)# interface ethernet 1/4

BigIron RX(config-if-e10000-1/4)# ip default-network 209.157.22.110/24

BigIron RX(config-if-e10000-1/4)# exit

BigIron RX(config)# ip ssh source-interface ethernet 1/4

Configuring maximum idle time for SSH sessions

By default, SSH sessions do not time out. Optionally, you can set the amount of time an SSH
session can be inactive before the device closes it. For example, to set the maximum idle time for
SSH sessions to 30 minutes.

BigIron RX(config)# ip ssh idle-time 30

Syntax: ip ssh idle-time <minutes>

If an established SSH session has no activity for the specified number of minutes, the device
closes it. An idle time of 0 minutes (the default value) means that SSH sessions never time out. The
maximum idle time for SSH sessions is 240 minutes.

Advertising
Popular Brands
Popular manuals