Filtering ssh access using acls, Terminating an active ssh connection, Displaying ssh information – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 92: Displaying ssh connection information


Brocade ICX 6650 Security Configuration Guide

53-1002601-01

Filtering SSH access using ACLs

Brocade(config)# ip ssh idle-time 30

Syntax: ip ssh idle-time minutes

If an established SSH session has no activity for the specified number of minutes, the Brocade
device closes it. An idle time of 0 minutes (the default value) means that SSH sessions never time
out. The maximum idle time for SSH sessions is 240 minutes.

Filtering SSH access using ACLs

You can permit or deny SSH access to the Brocade device using ACLs. To use ACLs, first create the
ACLs you want to use. You can specify a numbered standard IPv4 ACL, a named standard IPv4 ACL

Enter commands such as the following.

Brocade(config)# access-list 10 permit host 192.168.144.241
Brocade(config)# access-list 10 deny host 192.168.144.242 log
Brocade(config)# access-list 10 permit host 192.168.144.243
Brocade(config)# access-list 10 deny any
Brocade(config)# ssh access-group 10

Syntax: ssh access-group standard-named-acl | standard-numbered-acl
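An added example, not part of the Brocade manual: a Python check that reads a saved configuration, reports SSH sessions that never time out or an SSH service with no usable ACL bound to it, and tests whether a given source address would be admitted. The sample configuration is constructed from the commands above; the code handles only the host and any entry forms shown on this page, and it assumes entries are evaluated in order, the first match decides, and an unmatched source is denied.

```python
import ipaddress
import re

# Constructed sample configuration, built from the commands shown on this page.
SAMPLE_CONFIG = """\
ip ssh idle-time 30
access-list 10 permit host 192.168.144.241
access-list 10 deny host 192.168.144.242 log
access-list 10 permit host 192.168.144.243
access-list 10 deny any
ssh access-group 10
"""

ACL_RE = re.compile(r"^access-list (\S+) (permit|deny) (?:host (\S+)|(any))(?: log)?$")

def parse_config(text):
    """Return (idle_minutes, ssh_acl_name, {acl_name: [(action, host_or_None)]})."""
    idle, group, acls = 0, None, {}   # idle 0 is the documented default (never time out)
    for line in text.splitlines():
        line = line.strip()
        if m := re.match(r"^ip ssh idle-time (\d+)$", line):
            idle = int(m.group(1))
        elif m := re.match(r"^ssh access-group (\S+)$", line):
            group = m.group(1)
        elif m := ACL_RE.match(line):
            host = ipaddress.ip_address(m.group(3)) if m.group(3) else None
            acls.setdefault(m.group(1), []).append((m.group(2), host))
    return idle, group, acls

def ssh_allowed(source, entries):
    """First matching entry decides; no match is treated as deny (assumption)."""
    addr = ipaddress.ip_address(source)
    for action, host in entries:
        if host is None or host == addr:   # host None means the entry was "any"
            return action == "permit"
    return False

def audit(text):
    """List findings for the SSH settings covered on this page."""
    idle, group, acls = parse_config(text)
    findings = []
    if idle == 0:
        findings.append("idle-time is 0: SSH sessions never time out")
    if group is None:
        findings.append("no ssh access-group: SSH is not filtered by an ACL")
    elif group not in acls:
        findings.append(f"ssh access-group {group} refers to an undefined ACL")
    return findings
```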

Terminating an active SSH connection

To terminate one of the active SSH connections, enter the following command.

Brocade# kill ssh 1

Syntax: kill ssh connection-id

Displaying SSH information

Up to five SSH connections can be active on the Brocade device.

Displaying SSH connection information

To display information about SSH connections, enter the show ip ssh command.

Brocade# show ip ssh
Connection  Version  Encryption  Username  HMAC       Server Hostkey  IP Address
Inbound:
  1         SSH-2    3des-cbc    Raymond   hmac-sha1  ssh-dss         10.120.54.2
Outbound:
  6         SSH-2    aes256-cbc  Steve     hmac-sha1  ssh-dss         10.37.77.15

SSH-v2.0 enabled; hostkey: DSA(1024), RSA(2048)
