Configuring Secure Shell (SSH)

Configuring the Switch for SSH Operation

[mac <mac-type>]

Allows configuration of the set of MACs that can be selected.

Valid types are:

hmac-md5

hmac-sha1

hmac-sha1-96

hmac-md5-96

Default: All MAC types are available.

Use the no form of the command to disable a MAC type.

[port < 1-65535 default >]

The TCP port number for SSH connections (default: 22).

Important: See “Note on Port Number” on page 6-19.

[timeout < 5 - 120 >]

Sets the maximum length of time (in seconds) allowed for initial protocol negotiation and authentication. Default: 120 seconds

[listen <oobmdataboth>]

The listen parameter is available only on switches that have

aseparate out-of-band management port. Values for this parameter are:

oobm — inbound SSH access is enabled only on the out-of-band management port.

data — inbound SSH access is enabled only on the data ports.

both — inbound SSH access is enabled on both the out-of-band management port and on the data ports. This is the default value.

Refer to Appendix G, “Network Out-of-Band Management” in the Management and Configuration Guide for more information on out-of-band management.

The listen parameter is not available on switches that do not have a separate out-of-band management port.

6-18