SSH2 client

The scp command can be used when TFTP access is unavailable or not permitted and the command has an equivalent function to the ip ssh pub-key-file tftp command. For more information on the ip ssh pub-key-file tftp command, refer to “Importing authorized public keys into the Brocade device” on page 68.

SSH2 client

SSH2 client allows you to connect from a Brocade device to an SSH2 server, including another Brocade device that is configured as an SSH2 server. You can start an outbound SSH2 client session while you are connected to the device by any connection method (SSH2, Telnet, console). Brocade devices support one outbound SSH2 client session at a time.

The supported SSH2 client features are as follows:

Encryption algorithms, in the order of preference:

-aes256-cbc

-aes192-cbc

-aes128-cbc

-3des-cbc

SSH2 client session authentication algorithms:

-Password authentication

-Public Key authentication

Message Authentication Code (MAC) algorithm: hmac-sha1

Key exchange algorithm: diffie-hellman-group1-sha1

No compression algorithms are supported.

The client session can be established through either in-band or out-of-band management ports.

The client session can be established through IPv4 or IPv6 protocol access.

The client session can be established to a server listening on a non-default SSH port.

Enabling SSH2 client

To use SSH2 client, you must first enable SSH2 server on the device. See “SSH2 authentication types” on page 65.

When SSH2 server is enabled, you can use SSH client to connect to an SSH server using password authentication.

Configuring SSH2 client public key authentication

To use SSH client for public key authentication, you must generate SSH client authentication keys and export the public key to the SSH servers to which you want to connect.

The following sections describe how to configure SSH client public key authentication:

“Generating and deleting a client DSA key pair” on page 79

“Generating and deleting a client RSA key pair” on page 79

78

Brocade ICX 6650 Security Configuration Guide

 

53-1002601-01

Page 98
Image 98
Brocade Communications Systems 6650 manual Enabling SSH2 client, Configuring SSH2 client public key authentication