Table of Contents
Advertisement
Chapter 26
Configuring Users and Common Roles
Configuring SSH Services
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m .
When you use SCP/SFTP along with the copy command, a list of trusted SSH hosts are built and stored
within the switch (see
Example
26-8).
Example 26-8 Using SCP/SFTP to Copy Files
switch# copy scp://abcd@171.71.48.223/users/abcd/abc
bootflash:abc The authenticity of host '171.71.48.223 (171.71.48.223)'
can't be established.
RSA1 key fingerprint is 01:29:62:16:33:ff:f7:dc:cc:af:aa:20:f8:20:a2:db.
Are you sure you want to continue connecting (yes/no)? yes
Added the host to the list of known hosts
(/var/home/admin/.ssh/known_hosts). [SSH key information about the host is
stored on the switch]
abcd@171.71.48.223's password:
switch#
If a host's SSH key changes before you use SCP/SFTP along with the copy command, you will receive
an error (see
Example
26-9).
Example 26-9 Using SCP/SFTP to Copy Files—Error Caused by SSH Key Change
switch# copy scp://apn@171.69.16.46/isan-104
bootflash:isan-ram-1.0.4
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA1 host key has just been changed.
The fingerprint for the RSA1 key sent by the remote host is
36:96:ca:d7:29:99:79:74:aa:4d:97:49:81:fb:23:2f.
Please contact your system administrator.
Add correct host key in /mnt/pss/.ssh/known_hosts to get rid of this
message.
Offending key in /mnt/pss/.ssh/known_hosts:2
RSA1 host key for 171.69.16.46 has changed and you have requested strict
checking.
Displaying SSH Protocol Status
Use the show ssh server command to display the status of the SSH protocol (enabled or disabled) and
the versions that are enabled for that switch (see
Example
26-10).
Example 26-10 Displays SSH Protocol Status
switch# show ssh server
ssh is enabled
version 1 enabled
version 2 enabled
Use the show ssh key command to display the server key pair details for the specified key or for all keys,
(see
Example
26-11).
Cisco MDS 9000 Family Configuration Guide
26-16
OL-6973-03, Cisco MDS SAN-OS Release 2.x
Advertisement
Table of Contents
Need help?
Do you have a question about the DS-X9530-SF1-K9 - Supervisor-1 Module - Control Processor and is the answer not in the manual?
Questions and answers