OS10 Enterprise Edition User Guide Release 10.4.0E(R3)

PDF

SSH Server

The secure shell (SSH) server allows an SSH client to access an OS10 switch through a secure, encrypted connection.

Configure SSH server

  • The SSH server is enabled by default. You can disable the SSH server using no ip ssh server enable.
  • Challenge response authentication is disabled by default. To enable, use the ip ssh server challenge-response-authentication command.
  • Host-based authentication is disabled by default. To enable, use the ip ssh server hostbased-authentication command.
  • Password authentication is enabled by default. To disable, use the no ip ssh server password-authentication command.
  • Public key authentication is enabled by default. To disable, use the no ip ssh server pubkey-authentication command.
  • Configure the list of cipher algorithms using ip ssh server cipher cipher-list .
  • Configure Key Exchange algorithms using ip ssh server kex key-exchange-algorithm .
  • Configure hash message authentication code (HMAC) algorithms using ip ssh server mac hmac-algorithm .
  • Configure the SSH server listening port using ip ssh server port port-number .
  • Configure the SSH server to be reachable on the management VRF using ip ssh server vrf.
  • Configure the SSH login timeout using the ip ssh server login-grace-time seconds command (0 to 300; default 60). To reset the default SSH prompt timer, enter no ip ssh server login-grace-time.
  • Configure the maximum number of authentication attempts using the ip ssh server max-auth-tries number command (0 to 10; default 6). To reset the default, enter no ip ssh server max-auth-tries.

    The max-auth-tries value includes all authentication attempts, including public-key and password. If both public-key based authentication and password authentication are enabled, the public-key authentication is the default and is tried first. If it fails, the number of max-auth-tries is reduced by one. In this case, if you configured ip ssh server max-auth-tries 1, the password prompt does not display.


Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\