Left running head:
Chapter name (automatic)
System Configuration and Monitoring
I
M
NBAND
ANAGEMENT
SSH (S
S
)
ECURE
HELL
Note:
SSH is not supported in the no crypto image. For information on the no crypto
release, refer to the release note.
SSH is a program that enables logging into a remote machine, and provides
secure communication between two systems.
•
Inbound SSH access to the system is disabled by default. It is mandatory to have
a user account configured for this. (See
page
58)
•
Outbound SSH access is allowed for the user once the user has been
authenticated. SSH access from the system is always enabled.
ssh {enable|disable}
ssh [vrf <vrf-name>] {<ip-
address>|<hostname>} <user-
name> [version {1|2}]
clear known_hosts [<ip-
address>]
46
Beta
(SSH
T
AND
ELNET
.
Command (in UM)
Alcatel-Lucent
)
"AAA Configuration on OA-700" on
Description
Use this command to enable/disable the
SSH service.
Use this command to access a remote
computer by SSH.
This command enables you to clear the
address key mapping for all the IP
addresses/a single IP address from the
known_hosts file.
SSH client maintains a list of IP
addresses and associated RSA keys in
the file called known_hosts.
It is not possible to initiate a SSH
session with a host whose IP address
and key does not match with the one
stored in the known_hosts file. This
mismatch can happen if the an IP
address is assigned to a different host or
if the key of the host is regenerated. In
such cases, you have to clear the
known_host file before you can
succesfully initiate the SSH client
session.
Also, the known_hosts file is not VRF
aware and is based only on the IP
address. Hence, it is required to clear
the file before you can establish a
session to the same IP address across
VRFs.
CLI Configuration Guide
Beta