Dell Command Line Reference Guide for the S4048–ON System 9.14.2.4

PDF

ssh

Open an SSH connection specifying the hostname, username, encryption cipher, HMAC algorithm, port number, and version of the SSH client.

Syntax
NOTE: Some of the parameters in this command require licensing to access. For more information, contact your Dell EMC Networking representative.
ssh [vrf vrf-name] {hostname | ipv4 address | ipv6 address} [-c encryption cipher | -l username | -m HMAC algorithm | -p port-number | -v 2]
Parameters
vrf vrf-name
(OPTIONAL) Enter the keyword vrf and then the name of the VRF to specify the VRF used with the SSH session.
NOTE: The VRF configured using this command has a higher precedence than the VRF configured using the ip ssh vrf vrf-name command. If you do not configure a VRF using this command, then the SSH client uses the configured VRF (if any). If there is a mismatch between VRFs that are configured using the ip ssh source-interface command and the ssh vrf vrf-name command, then an error is reported.
hostname
(OPTIONAL) Enter the IP address or the host name of the remote device.
vrf instance
(OPTIONAL) E-Series Only: Enter the keyword vrf then the VRF Instance name to open an SSH connection to that instance.
ipv4 address
(OPTIONAL) Enter the IP address in dotted decimal format A.B.C.D.
ipv6-address prefix-length
(OPTIONAL) Enter the IPv6 address in the x:x:x:x::x format then the prefix length in the /x format. The range is from /0 to /128.
NOTE: The :: notation specifies successive hexadecimal fields of zeros.
-c encryption cipher
Enable the “FIPS mode enable", this mode will support the v2 client.

"no fips mode enable"(disable) will support v1 & v2 client. This comment is applicable for both ciphers & HMAC algorithms:

  • 3des-cbc: Force ssh to use 3des-cbc encryption cipher.
  • aes128-cbc : Force ssh to use aes128-cbc encryption cipher

  • aes192-cbc : Force ssh to use aes192-cbc encryption cipher

  • aes256-cbc : Force ssh to use aes256-cbc encryption cipher

  • aes128-ctr : Force ssh to use aes128-ctr encryption cipher

  • aes192-ctr : Force ssh to use aes192-ctr encryption cipher

  • aes256-ctr : Force ssh to use aes256-ctr encryption cipher

-l username
(OPTIONAL) Enter the keyword -l then the user name used in this SSH session. The default is the user name of the user associated with the terminal.
-m HMAC algorithm
Enter one of the following HMAC algorithms to use:

"no fips mode enable"(disable) will support v1 & v2 client.

  • hmac-md5: Force ssh to use hmac-md5 HMAC algorithm.
  • hmac-md5-96: Force ssh to use hmac-md5-96 HMAC algorithm.
  • hmac-sha1: Force ssh to use hmac-sha1 HMAC algorithm.
  • hmac-sha1-96 : Force ssh to use hmac-sha1-96 HMAC algorithm.
  • hmac-sha2-256 : Force ssh to use hmac-sha2-256 HMAC algorithm.

-p port-number
(OPTIONAL) Enter the keyword -p then the port number. The range is from 1 to 65535. The default is 22.
-v 2
(OPTIONAL) Enter the keyword -v then the SSH version 2. The default is the version from the protocol negotiation.
Defaults
As shown in the Parameters section.
Command Modes
EXEC Privilege
Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC Networking OS Command Line Reference Guide.

Version
Description
9.14(1.0)
Version 1 is deprecated.
9.12(1.0)
Introduced on the S5048F–ON.
9.10(0.1)
Introduced on the S6010-ON and S4048T-ON.
9.10(0.0)
Introduced on the S3148.
9.10(0.0)
Removed the support for hmac-sha2-256-96 algorithm.
9.8(2.0)
Introduced on the S3100 series.
9.8(1.0)
Introduced on the Z9100-ON.
9.8(0.0P5)
Introduced on the S4048-ON.
9.8(0.0P2)
Introduced on the S3048-ON.
9.7(0.0)
Introduced on the S6000–ON.
9.5(0.1)
Added support for the following ciphers and HMAC alogorithms on the Z9000, S6000, S4820T, S4820T. S6000–ON.
  • aes128-cbc
  • aes192-cbc
  • aes256-cbc
  • aes128-ctr
  • aes192-ctr
  • aes256-ctr
  • hmac-sha2-256
  • hmac-sha2-256-96
9.4.(0.0)
Added support for VRF.
9.2(1.0)
Introduced on the Z9500.
9.0.2.0
Introduced on the S6000.
8.3.19.0
Introduced on the S4820T.
8.3.11.1
Introduced on the Z9000.
8.3.12.0
Added support for the -c and -m parameters on the S4810.
8.3.7.0
Introduced on the S4810.
7.6.1.0
Introduced on the S-Series.
7.5.1.0
Added IPv6 support. Introduced on the C-Series.
pre-6.1.1.0
Introduced on the E-Series.
Usage Information
Dell EMC Networking OS supports both inbound and outbound SSH sessions using IPv4 or IPv6 addressing. Inbound SSH supports accessing the system through the management interface as well as through a physical Layer 3 interface.
Example
DellEMC#ssh 10.16.151.48 -l anvltest

Trying 10.16.151.48...
01:18:16: %STKUNIT0-M:CP %SEC-5-SSH_USAGE: Initiated SSH Client v2 (FIPS Disabled) to anvltest@10.16.151.48 by default from console
anvltest@10.16.151.48's password:
Last login: Thu Jan  5 00:17:47 2012 from login-maa-101
[anvltest@dt-maa-linux-1 ~]# exit
logout
DellEMC#

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\