Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsHome Theater ServerServerIron ADX 12.4.00
21222324252627282930
ServerIron ADX Administration Guide 7
53-1002434-01
Configuring SSH
1
ServerIronADX(config)# ip ssh authentication-retries 5
Syntax: [no] ip ssh authentication-retries <number>
The <number> parameter can be from 1 to 5. The default is 3.
Setting the SSH key size
The size of the host RSA key that resides in the system-config file is always 1024 bits and cannot
be changed.
To set the SSH key size, enter the following command.
ServerIronADX(config)# ip ssh key-size 896
Syntax: [no] ip ssh key-size <number>
The <number> parameter can be from 512 – 896 bits. The default is 768 bits.
Configuring SSH password authentication
By default, SSH password authentication is enabled.
After the SSH server on the Brocade device negotiates a session key and encryption method with
the connecting client, user authentication takes place. Of the methods of user authentication
available in SSH, Brocade’s implementation of SSH supports password authentication only.
With password authentication, users are prompted for a password when they attempt to log into the
device (unless empty password logins are not allowed; see ip ssh permit-empty-passwd). If there is
no user account that matches the user name and password supplied by the user, the user is not
granted access.
You can deactivate password authentication for SSH. However, since password authentication is
the only user authentication method supported for SSH, this means that no user authentication is
performed at all. Deactivating password authentication essentially disables the SSH server
entirely.
To deactivate password authentication, enter the following command.
ServerIronADX(config)# ip ssh password-authentication no
Syntax: [no] ip ssh password-authentication no | yes
The yes option enables SSH password authentication.
Enabling empty password logins
By default, empty password logins are not allowed. This means that users with an SSH client are
always prompted for a password when they log into the device. To gain access to the device, each
user must have a user name and password. .
If you enable empty password logins, users are not prompted for a password when they log in. Any
user with an SSH client can log in without being prompted for a password.
To enable empty password logins, enter the following command.
ServerIronADX(config)# ip ssh permit-empty-passwd yes
Syntax: [no] ip ssh permit-empty-passwd no | yes