xStack DES-6500 Modular Layer 3 Chassis Ethernet Switch CLI Manual

22

SSH COMMANDS

The steps required to use the SSH protocol for secure communication between a remote PC (the SSH Client) and the Switch (the SSH Server), are as follows:

Create a user account with admin-level access using the create account admin <username> <password> command. This is identical to creating any other admin-lever User account on the Switch, including specifying a password. This password is used to login to the Switch, once secure communication has been established using the SSH protocol.

Configure the user account to use a specified authorization method to identify users that are allowed to establish SSH connections with the Switch using the config ssh user command. There are three choices as to the method SSH will use to authorize the user, and they are password, publickey and hostbased. The user may also choose “none” to use no authentication.

Configure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the SSH Client and the SSH Server.

Finally, enable SSH on the Switch using the enable ssh command.

After following the above steps, you can configure an SSH Client on the remote PC and manage the Switch using secure, in-band communication.

The Secure Shell (SSH) commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.

Command

Parameters

 

 

enable ssh

 

 

 

disable ssh

 

 

 

config ssh authmode

[password publickey hostbased] [enable disable]

 

 

show ssh authmode

 

 

 

config ssh server

{maxsession <int 1-8> timeout <sec 120-600> authfail <int 2-

 

20> rekey [10min 30min 60min never] port

 

<tcp_port_number 1-65535>}

 

 

show ssh server

 

 

 

config ssh user

<username> authmode [Hostbased [hostname <string>

 

hostname_IP <string> <ipaddr>} Password Publickey]

 

 

show ssh user

 

authmode

 

 

 

config ssh algorithm

[3DES AES128 AES192 AES256 arcfour blowfish cast128

 

twofish128 twofish192 twofish256 MD5 SHA1 DSA RSA

 

ALL] [enable disable]

 

 

show ssh algorithm

 

 

 

Each command is listed, in detail, in the following sections.

176

Page 179
Image 179
D-Link TM DES-6500 manual SSH Commands