Table of Contents
Advertisement
CHAPTER 5 CLI Commands
•
•
•
known-host <IP_address> remove
user's .ssh known_hosts file.
show ssh client
SSH client identities (public/private keys) and the per user list of authorized keys for the users.
ssh server
Enable or disable, and configure SSH (secure sockets shell) server options.
ssh server
enable
host-key
generate
<key_type> {private-key <key> | public-key <key>}
listen [enable] [interface <interface_name>]
min-version {1 | 2}
ports <port> [<port2> ...]
Notes:
•
enable
disabled, the CLI is only accessible over the serial console; this does not terminate
existing SSH sessions; it only prevents new ones from being established.
•
host-key
•
generate
keys: RSAv1, RSAv2, and DSAv2. Note the system automatically generates the host
keys on its first boot, so this only needs to be done if a security breach is suspected
and the keys need to be changed.
•
<key type>
if changing) of the specified key type; options are rsa1, rsa2, and dsa2 and either
private-key
used with no key given, the user is prompted for the key. Entries made at this prompt
echo the asterisk (*) character, and the user must enter the same string twice.
•
listen
•
enable
SSHD. If enabled and at least one non-DHCP interface is specified in the list, the SSH
140
ssh
when the user connects from the system to another host with slogin. DSA and
RSA v2 keys for SSHv2 can be generated using dsa2 or rsa2 as the key-type.
—Set private key SSH client identity for the specified user. An
private-key
optional passphrase may be specified for the private key.
—Set public key SSH client identity for the specified user.
public-key
Set the public or private key of specified type for the specified user name. This is
an alternative to generating the key in the above command and is also used for
reverse mapping generated keys. If the private-key command is used with no
key given, the user is prompted for the key. Entries made at this prompt echo the
asterisk (*) character, and the user must enter the same string twice. Use no ssh
client user <username> identity <key_type> to delete the public/private keys
for the specified user; any private key file in a valid user .ssh directory is deleted.
—Enable (default) or disable (with no) the SSH server. If the SSH server is
—Manipulate host keys for SSH:
—Regenerate new host keys for the SSH server. This generates three
—Manually set the host-key (either private or public, but should be both
or public-key . If the positive form of the private-key command is
—Configure SSH server interface access restrictions.
—Enable (default) or disable (with no) the listen interface-restricted list for
Media Flow Manager Administrator's Guide
—Delete a known host from the specified
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
