HP xw460c Blade manual Accessing the switch, # ssh user@GbE2c Ethernet Blade Switch IP address

Page 11

The supported SSH encryption and authentication methods are listed below.

Server Host Authentication—Client RSA authenticates the switch in the beginning of every connection

Key Exchange—RSA

Encryption:

AES256-CBC

AES192-CBC

AES128-CBC

3DES-CBC

3DES

ARCFOUR

User Authentication—Local password authentication; Remote Authentication Dial-in User Service (RADIUS) The following SSH clients are supported:

SSH 3.0.1 for Linux (freeware)

SecureCRT® 4.1.8 (VanDyke Technologies, Inc.)

OpenSSH_3.9 for Linux (FC 3)

FedoraCore 3 for SCP commands

PuTTY Release 0.58 (Simon Tatham) for Windows

NOTE: The switch implementation of SSH is based on versions 1.5 and 2.0, and supports SSH clients from version 1.0 through version 2.0. SSH clients of other versions are not supported. You may configure the client software to use protocol SSH version 1 or version 2.

By default, SSH service is not enabled on the switch. Once the IP parameters are configured, you can access the command line interface to enable SSH.

To establish an SSH connection with the switch, run the SSH program on the workstation by issuing the ssh command, followed by the user account name and the switch IP address:

>># ssh <user>@<GbE2c Ethernet Blade Switch IP address>

You will then be prompted to enter your password.

NOTE: The first time you run SSH from the workstation, a warning message might appear. At the prompt, enter yes to continue.

Accessing the switch

To enable better switch management and user accountability, the switch provides different levels or classes of user access. Levels of access to the CLI and Web management functions and screens increase as needed to perform various switch management tasks. The three levels of access are:

User—User interaction with the switch is completely passive; nothing can be changed on the switch. Users may display information that has no security or privacy implications, such as switch statistics and current operational state information.

Operator—Operators can only effect temporary changes on the switch. These changes will be lost when the switch is rebooted/reset. Operators have access to the switch management features used for daily switch operations. Because any changes an operator makes are undone by a reset of the switch, operators cannot severely impact switch operation, but do have access to the Maintenance menu.

Administrator—Only administrators can make permanent changes to the switch configuration, changes that are persistent across a reboot/reset of the switch. Administrators can access switch functions to configure and troubleshoot problems on the switch. Because administrators can also make temporary (operator-level) changes as well, they must be aware of the interactions between temporary and permanent changes.

Access to switch functions is controlled through the use of unique usernames and passwords. Once you are connected to the switch via the local console, Telnet, or SSH, you are prompted to enter a password. The password entered determines the access level. The default user names/password for each access level is listed in the following table.

NOTE: It is recommended that you change default switch passwords after initial configuration and as regularly as required under your network security policies. For more information, see the “Setting passwords” section in the “First-time configuration” chapter.

Command line interface 11

Page 10 Page 12
Image 11
Page 10 Page 12
Contents HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Page Contents Statistics Menu Configuration Menu 111 Index Command line interface Establishing a console connection Connecting to the switchIntroduction Additional referencesEstablishing an SSH connection Setting an IP addressTelnet GbE2c Ethernet Blade Switch IP address Establishing a Telnet connection# ssh user@GbE2c Ethernet Blade Switch IP address Accessing the switchIdle timeout AaBbCc123 Typographical conventionsMenu summary Main MenuTraceroute host name IP address max-hops msec Global commandsDelay Telnet hostname IP address port Command line history and editingTab completion Command line interface shortcutsCommand stacking Command abbreviation# /cfg/sys/ssnmp/rcommwcomm Configuring Simple Network Management Protocol support# /cfg/sys/access/snmp disableread onlyread/write Main# /cfgSystem# apply System# save Setting passwordsChanging the default administrator password Changing the default user password Changing the default operator password Menu overview Information MenuSNMPv3 Information Menu System Information MenuV1v2only AdminshaSNMPv3 USM User Table information CommSNMPv3 View Table information SNMPv3 Access Table informationPrefix SNMPv3 Group Table informationSNMPv3 Community Table information SNMPv3 Target Parameters Table information SNMPv3 Target Address Table informationSec Level Command /info/sys/snmpv3/notify NameTag V1v2trapv1v2trapSNMPv3 Notify Table information SNMPv3 dump System information System user information Show last 100 syslog messages8021x Stp Cfg/sys/access/user/uid commandLayer 2 information Port port number FDB information menuFind MAC address Vlan Show all FDB information Link Aggregation Control Protocol informationLacp dump 802.1x information Spanning Tree information Port Auth ModeAuthenticator PAE State Command /info/l2/stpHello Current RootPath-Cost Priority bridgeDesg 8018 Rapid Spanning Tree and Multiple Spanning Tree informationDesignated port Desg 8017 P2P2,EdgeDisabled DSB Common Internal Spanning Tree information Discarding Disc , Learning LRN , Forwarding FWD , or Disabled DSBTrunk group information Layer 3 information Vlan informationLayer 2 general information If IP address Route informationFind IP address Gw IP addressShow all IP Route information Vlan Command /info/arp/dump IP address Flags MAC addressARP information Show all ARP entry informationDbase Sumaddr Nsumadd Routes Dump Ospf informationNbr nbr router-id A.B.C.D Ospf Database information menu Ospf general informationOspf interface information Nw adv-rtr A.B.C.D linkstateid A.B.C.Dself Advrtr router-id A.B.C.DAsbrsum adv-rtr A.B.C.D Linkstateid A.B.C.Dself Ext adv-rtr A.B.C.D linkstateid A.B.C.DselfRIP Routes information Ospf route codes informationRouting Information Protocol information Igmp multicast group information RIP user configurationIP information Vrrp information Command /info/l3/vrrp Vrrp informationIgmp multicast router port information 8021p QoS information802.1p information QoS Menu 8021p Show QOS 802.1p informationRmon Information Menu ACL informationInterval Rmon history informationRmon event information Rmon alarm informationCommand /info/rmon/event Link status information VLANs Command /info/port Port Tag Rmon PvidPort information Uplink Failure Detection information Command /info/geaport Logical Port GEA Port0-based GEA UnitUplink Failure Detection Enabled LtM status Down Member Logical Port to GEA Port mappingInformation dump Command /info/dumpUfd clear Menu informationNtp clear Port Statistics Menu AuthSuccessesWhile Authenticating802.1x statistics Supplicant Bridging statisticsBackendNonNakResponsesFrom Ethernet statistics Dot3StatsMultipleCollisionFrames Dot3StatsFCSErrorsDot3StatsInternalMacTransmitErrors Dot3StatsSingleCollisionFramesInterface statistics Link statistics Internet Protocol IP statisticsPort Rmon statistics FDB statistics Layer 2 statisticsClrigmp 1- 4095 all Lacp statisticsLayer 3 statistics Arp clearL3 bucket for An IP address Dump GEA Layer 3 statistics menuGEA Layer 3 statistics IP statisticsARP statistics Route statisticsIcmp statistics DNS statisticsTCP statistics UDP statistics Ospf stats Menu Command /stats/l3/ospfIgmp Multicast Group statistics Ospf statistics menuOspf global statistics Nbr change Tx ls UpdatesVrrp statistics Timers KickoffPacket statistics Command /stats/l3/ripManagement Processor statistics RIP statistics10ad41e8/10ad5790 AllocsACL statistics Access Control List ACL statistics menuCPU statistics Snmp statistics Only NTP statistics Number of times LtM link in Blocking Command /stats/dumpUplink Failure Detection statistics Statistics dumpConfiguration Menu Applying pending changes Saving the configurationViewing, applying, reverting, and saving changes Viewing pending changesReminders System configurationHost IP address System host log configurationLine to end Bannr 1-80 charactersLog featureall enabledisable Secure Shell Server configurationConsole disableenable Sshport TCP port number Radius server configurationCommand /cfg/sys/radius IntrvalTACACS+ server configuration Port TCP port number Telnet enabledisableCommand /cfg/sys/ssnmp NTP server configurationSystem Snmp configuration Dlight disableenableCharacters SNMPv3 configurationName 1-64 characters V1v2 disableenable User Security Model configurationMask 1-32 characters SNMPv3 View configurationName 1-32 characters Tree 1-32 charactersNoAuthNoPrivauthNo View-based Access Control Model configurationSNMPv3 Group configuration Usmsnmpv1snmpv2 LevelDel Deletes the vacmSecurityToGroup entry Cur SNMPv3 Community Table configurationUsmsnmpv1snmpv2 Uname Address ip Port transport SNMPv3 Target Address Table configurationSNMPv3 Target Parameters Table configuration Addr transportSnmpv1snmpv2csnmp Model SNMPv3 Notify Table configurationManagement Networks configuration System Access configurationUseroperadmin Name User Access Control configurationUser ID configuration Access enabledisable Port configurationHttps Access configuration Name 1-64 characters none Temporarily disabling a port Port link configurationPort ACL/QoS configuration Layer 2 configuration802.1x configuration Unauthautoforce-auth 802.1x Global configurationMode force Reauth onoff 802.1x Port configurationRev Mode rstpmstp4095 Common Internal Spanning Tree configurationBridge parameter menu Port parameter menuCist port configuration Cist bridge configurationLink autop2pshared Spanning Tree configurationEdge disableenable CostBridge Spanning Tree configuration Cur Display current port Spanning Tree parameters Spanning Tree port configurationFastfwd disableenable Forwarding Database configurationStatic FDB configuration Add port number Trunk configurationMAC address Vlan port Clear mac MAC AddressVLAN 1-4095 Port port numberAllLink Aggregation Control Protocol configuration IP Trunk Hash configurationLayer 2 IP Trunk Hash configuration Mode offactivepassive Lacp Port configurationVlan configuration Timeout shortlongList of port numbers Layer 3 configurationPort number Mask IP subnet mask IP interface configurationAddr IP address Default Gateway configuration IP Static Route configurationDirbr disableenable Address Resolution Protocol configurationIP Forwarding configuration Network Filter configurationLp 0-4294967294 none Route Map configurationAp AS number AS number AS Action permitdeny IP Access List configurationAutonomous System Path configuration Metric 1-4294967294noneRouting Information Protocol configuration RIP Interface configuration Remove 1-32 1-32all Open Shortest Path First configurationRIP Route Redistribution configuration Add 1-32 1-32allRedist fixedstaticrip Osfp Area Index configurationDefault 1-16777215 12none Md5key 1-255 charactersType transitstubnssa Ospf Summary Range configurationAuth nonepasswordmd5 Areaid IP addressMdkey 1-255none Ospf Interface configurationMask IP address mask Key key stringnoneNbr IP address Ospf Virtual Link configurationKey password Export 1-16777215 12none Ospf Host Entry configurationOspf Route Redistribution configuration Rem 1-32 1-32 ... allOspf MD5 Key configuration Igmp configurationSrcip IP address Igmp snooping configurationAggr disableenable Fastlv 1-4095 disableenableFilter Igmp static multicast router configurationIgmp filtering configuration Add port number 1-4095Multicast address Igmp filtering port configurationIgmp filter definition Range IP multicast address IPDomain Name System configuration Bootstrap Protocol Relay configurationVrrp Virtual Router configuration Virtual Router Redundancy Protocol configurationPreem disableenable Ifs disableenable Vrrp Virtual Router Priority Tracking configurationVrrp Virtual Router Group configuration Vrs disableenableVrrp Virtual Router Group Priority Tracking configuration Passw password Vrrp Interface configurationVrrp Tracking configuration QoS 802.1p configuration Quality of Service configurationAccess Control configuration Stats ed Access Control List configurationEgrport port number Action permitdenysetprioACL IP Version 4 Filter configuration ACL Ethernet Filter configurationFlags value 0x0-0x3f ACL TCP/UDP Filter configurationSport 1-65535 port mask Cir ACL Meter configurationACL Re-mark configuration Enable edACL Re-mark Out-of-Profile configuration ACL Re-mark In-Profile configurationACL Re-mark In-Profile Update User Priority configuration ACL Group configuration Remote Monitoring configurationACL Packet Format configuration Owner 1-127 characters Rmon history configurationIfoid 1-127 characters Type nonelogtrapboth Rmon event configurationRmon alarm configuration Descn 1-127 charactersFlimit -2147483647 to Port mirroringRlimit -2147483647 to 2147483647Rem mirrored port Uplink Failure Detection configurationPort-based port mirroring Add mirrored port inoutbothRemport port number Failure Detection Pair configurationLink to Monitor configuration Addport port numberAddport port number Remport port number Saving the active switch configurationLink to Disable configuration DumpConfiguration# gtcfg FTP/TFTP server filename Restoring the active switch configurationCommand /cfg/gtcfg FTP/TFTP server filename Operations-level port options Operations MenuOperations-level Vrrp options Reset ReauthOperations-level port 802.1x options Downloading new software to the switch Updating the switch software imageAddress Selecting a software image to runBoot Options# conf Uploading a software image from the switchSelecting a configuration block Boot Options# ptimgBoot Options# cur Resetting the switchAccessing the Iscli Boot Options# resetMaintenance Menu 0xXXXXXXXX System maintenance optionsForwarding Database options Flags new Nvram flags word asARP cache options Debugging optionsBroadcastmartian IP Route Manipulation optionsIgmp Multicast Group options Igmp Mrouter options Igmp Snooping optionsClearing dump information Uuencode flash dumpFTP/TFTP system dump put Unscheduled system dumps Panic commandCommand /maint/panic Confirm dump and reboot y/n yIndex
Related manuals
Manual 33 pages 57.51 Kb
Top Page Image Contents