Table of Contents
Advertisement
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide
SSH C
OMMANDS
Back to Section Header
The steps required to use the Secure Shell (SSH) protocol for secure communication between a remote PC
(the SSH Client) and the Switch (the SSH Server), are as follows:
Create a user account with admin-level access using the create account admin <username> <password>
command. This is identical to creating any other admin-lever user account on the Switch, including
specifying a password. This password is used to login to the Switch, once secure communication has been
established using the SSH protocol.
Configure the user account to use a specified authorization method to identify users that are allowed to
establish SSH connections with the Switch using the config ssh authmode command. There are three
choices as to the method SSH will use to authorize the user, and they are password, publickey and hostbased.
Configure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the
SSH Client and the SSH Server.
Finally, enable SSH on the Switch using the enable ssh command.
After following the above steps, users can configure an SSH Client on the remote PC and manage the
Switch using secure, in-band communication.
The Secure Shell (SSH) commands in the Command Line Interface (CLI) are listed (along with the
appropriate parameters) in the following table.
C
OMMAND
enable ssh
disable ssh
config ssh authmode
show ssh authmode
config ssh server
show ssh server
config ssh user
show ssh user authmode
config ssh algorithm
show ssh algorithm
Each command is listed, in detail, in the following sections.
enable ssh
Purpose
Syntax
Description
Parameters
Restrictions
Usage example:
P
ARAMETERS
[password | publickey | hostbased] [enable | disable]
{maxsession <int 1-8> | contimeout <sec 120-600> | authfail <int 2-20> |
rekey [10min | 30min | 60min | never] | port <tcp_port_number 1-65535>}
<username 15> authmode [hostbased [hostname <domain_name 32> |
hostname_IP <domain_name 32> [<ipaddr> | <ipv6addr>]] | password |
publickey]
[3DES | AES128 | AES192 | AES256 | arcfour | blowfish | cast128 | twofish128
| twofish192 | twofish256 | MD5 | SHA1 | RSA | DSA] [enable | disable]
Used to enable SSH.
enable ssh
This command allows users to enable SSH on the Switch.
None.
Only Administrator and Operator-level users can issue this command.
Page | 460
Advertisement
Chapters
Table of Contents
