A SERVICE OF

logo

Open as PDF
next previous
xStack
®
DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual
610
80
SECURE SHELL (SSH) COMMANDS
The steps required to use the Secure Shell (SSH) protocol for secure communication between a remote PC (the SSH
Client) and the Switch (the SSH Server), are as follows:
Create a user account with admin-level access using the create account admin <username> <password>
command. This is identical to creating any other admin-lever user account on the Switch, including specifying a
password. This password is used to login to the Switch, once secure communication has been established using
the SSH protocol.
Configure the user account to use a specified authorization method to identify users that are allowed to establish
SSH connections with the Switch using the config ssh user command. There are three choices as to the method
SSH will use to authorize the user, and they are password, publickey and hostbased.
Configure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the SSH
Client and the SSH Server.
Finally, enable SSH on the Switch using the enable ssh command.
After following the above steps, you can configure an SSH Client on the remote PC and manage the Switch using secure,
in-band communication.
The Secure Shell (SSH) commands in the Command Line Interface (CLI) are listed (along with the appropriate
parameters) in the following table.
Command
Parameters
config ssh algorithm [3DES | AES128 | AES192 | AES256 | Arcfour | blowfish | cast128 | twofish128 |
twofish192 | twofish256 | MD5 | SHA1 | RSA | DSS] [enable | disable]
show ssh algorithm
config ssh authmode [password | publickey | hostbased] [enable | disable]
show ssh authmode
config ssh user <username 15> authmode [hostbased [hostname <domain_name 32> |
hostname_IP <domain_name 32> <ipaddr>] | password | publickey]
show ssh user authmode
config ssh server {maxsession <int 1-8>| contimeout <sec 120-600> | authfail {<int 2-20> | rekey
[10min | 30min | 60min | never] | port < tcp_port_number 1-65535>}
enable ssh
disable ssh
show ssh server
Each command is listed, in detail, in the following sections.
config ssh algorithm
Purpose Used to config ssh server algorithm.
Syntax
config ssh algorithm [3DES | AES128 | AES192 | AES256 | Arcfour | blowfish | cast128 |
twofish128 | twofish192 | twofish256 | MD5 | SHA1 | RSA | DSS] [enable | disable]
Description The config ssh algorithm command config the ssh service algorithm.