Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsHome Theater ServerServerIron ADX 12.4.00
21222324252627282930
8 ServerIron ADX Administration Guide
53-1002434-01
Configuring SSH
1
The yes option enables SSH empty password login.
Changing the TCP port used for SSH
By default, SSH traffic occurs on TCP port 22.
To change the TCP port used for SSH, enter the following command.
ServerIronADX(config)# ip ssh port 2200
Syntax: [no] ip ssh port <number>
The <number> parameter specifies a valid TCP port number.
Note that if you change the default SSH port number, you must configure SSH clients to connect to
the new port. Also, you should be careful not to assign SSH to a port that is used by another
service. If you change the SSH port number, We recommend that you change it to a port number
greater than 1024.
Loading a public key file
NOTE
SSH public key authentication supports only DSA keys. RSA keys are not supported.
To cause a public key file to be loaded onto the device, enter commands such as the following.
ServerIronADX(config)# ip ssh pub-key-file slot1 pkeys.txt
ServerIronADX(config)# ip ssh pub-key-file tftp 192.168.1.234 pkeys.txt
ServerIronADX(config)# ip ssh pub-key-file reload
ServerIronADX(config)# ip ssh pub-key-file flash-memory
ServerIronADX(config)# write memory
Syntax: [no] ip ssh pub-key-file slot1 | slot2 <filename>
Syntax: [no] ip ssh pub-key-file tftp <tftp-server-ip-addr> <filename>
Syntax: [no] ip ssh pub-key-file reload
Syntax: [no] ip ssh pub-key-file flash-memory
The slot1 | slot2 <filename> parameter causes a public key file called <filename> to be loaded
from the Management IV module’s PCMCIA flash card each time the device is booted.
The tftp <tftp-server-ip-addr> <filename> parameter causes a public key file called <filename> to
be loaded from a TFTP server each time the Brocade device is booted.
The reload keyword reloads the public keys from the file on the TFTP server or PCMCIA flash card.
The flash-memory keyword makes the public keys in the active configuration part of the
startup-config file.
Disabling or re-enabling RSA challenge-response authentication
RSA challenge-response authentication is enabled by default.
To disable RSA challenge-response authentication, enter the following command.
ServerIronADX(config)# ip ssh rsa-authentication no