![](/images/backgrounds/126775/126775-386289x1.png)
Chapter 38 System Remote Management
38.4.3 SSH Commands
The following table describes the commands available for SSH. You must use the configure terminal command to enter the configuration mode before you can use these commands.
Table 172 Command Summary: SSH
COMMAND | DESCRIPTION | |
[no] ip ssh server | Allows SSH access to the ZyWALL CLI. The no command | |
| disables SSH access to the ZyWALL CLI. | |
|
| |
[no] ip ssh server cert certificate_name | Sets a certificate whose corresponding private key is to be | |
| used to identify the ZyWALL for SSH connections. The no | |
| command resets the certificate used by the SSH server to | |
| the factory default (default). | |
| certificate_name: The name of the certificate. You can use | |
| up to 31 alphanumeric and ;‘~!@#$%^&()_+[]{}’,.=- | |
| characters. | |
|
| |
[no] ip ssh server port <1..65535> | Sets the SSH service port number. The no command resets | |
| the SSH service port number to the factory default (22). | |
|
| |
ip ssh server rule {rule_numberappendinsert | Sets a service control rule for SSH service. | |
rule_number} | address_object: The name of the IP address (group) object. | |
zone {ALLzone_object} action {acceptdeny} | ||
You may use | ||
| ||
| or dashes | |
| This value is | |
| zone_object: The name of the zone. For the ZyWALL USG | |
| 300 and above, use up to 31 characters | |
| name cannot start with a number. This value is case- | |
| sensitive. | |
| The ZyWALL USG 200 and lower models use | |
| zone names like DMZ, LAN1, SSL VPN, WLAN, IPSec VPN, | |
| OPT, and WAN. | |
|
| |
ip ssh server rule move rule_number to rule_number | Changes the index number of a SSH service control rule. | |
[no] ip ssh server v1 | Enables remote management using SSH v1. The no | |
| command stops the ZyWALL from using SSH v1. | |
|
| |
no ip ssh server rule rule_number | Deletes a service control rule for SSH service. | |
show ip ssh server status | Displays SSH settings. |
38.4.4 SSH Command Examples
This command sets a service control rule that allowed the computers with the IP addresses matching the specified address object to access the specified zone using SSH service.
Router# configure terminal
Router(config)# ip ssh server rule 2
This command sets a certificate (Default) to be used to identify the ZyWALL.
Router# configure terminal
Router(config)# ip ssh server cert Default
| 289 |
ZyWALL (ZLD) CLI Reference Guide | |
|
|