Secure Shell Authentication - Dell Z9000 Configuration Manual

• ip ssh key-size: configure the size of the server-generated RSA SSHv1 key.
• ip ssh password-authentication enable: enable password authentication for the SSH server.
• ip ssh pub-key-file: specify the file the host-based authentication uses.
• ip ssh rhostsfile: specify the rhost file the host-based authorization uses.
• ip ssh rsa-authentication enable: enable RSA authentication for the SSHv2 server.
• ip ssh rsa-authentication: add keys for the RSA authentication.
• show crypto: display the public part of the SSH host-keys.
• show ip ssh client-pub-keys: display the client public keys used in host-based authentication.
• show ip ssh rsa-authentication: display the authorized-keys for the RSA authentication.
• ssh-peer-rpm: open an SSH connection to the peer RPM.
The following example shows the use of SCP and SSH to copy a software image from one switch running
SSH server on UDP port 99 to the local switch.
Dell#copy scp: flash:
Address or name of remote host []: 10.10.10.1
Port number of the server [22]: 99
Source file name []: test.cfg
User name to login remote host: admin
Password to login remote host:

Secure Shell Authentication

Secure Shell (SSH) is disabled by default.
Enable SSH using the ip ssh server enable command.
SSH supports three methods of authentication:
• Enabling SSH Authentication by Password
• Using RSA Authentication of SSH
• Configuring Host-Based SSH Authentication
Important Points to Remember
• If you enable more than one method, the order in which the methods are preferred is based on the
ssh_config file on the Unix machine.
• When you enable all the three authentication methods, password authentication is the backup
method when the RSA method fails.
• The files known_hosts and known_hosts2 are generated when a user tries to SSH using version 1 or
version 2, respectively.
Enabling SSH Authentication by Password
Authenticate an SSH client by prompting for a password when attempting to connect to the Dell
Networking system. This setup is the simplest method of authentication and uses SSH version 1.
To enable SSH password authentication, use the following command.
• Enable SSH password authentication.
CONFIGURATION mode
ip ssh password-authentication enable
Example of Enabling SSH Password Authentication
To view your SSH configuration, use the show ip ssh command from EXEC Privilege mode.
720
Security