Users Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

891

892

893

894

895

896

897

898

899

900

Specifying an SSH Version

The following example shows using the ip ssh server version 2 command to enable SSH version 2 and the show ip ssh

command to conrm the setting.

ell(conf)#ip ssh server version 2

Dell(conf)#do show ip ssh

SSH server : enabled.

SSH server version : v1 and v2.

SSH server vrf : default.

SSH server ciphers : aes256-ctr,aes256-cbc,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,

3des-cbc.

SSH server macs : hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96.

SSH server kex algorithms : diffie-hellman-group-exchange-sha1,diffie-hellman-group1-

sha1,diffie-hellman-group14-sha1.

Password Authentication : enabled.

Hostbased Authentication : disabled.

RSA Authentication : disabled.

Vty Encryption HMAC Remote IP

Dell(conf)#

To disable SSH server functions, use the no ip ssh server enable command.

Using SCP with SSH to Copy a Software Image

To use secure copy (SCP) to copy a software image through an SSH connection from one switch to another, use the following commands.

1 On Switch 1, set the SSH port number (port 22 by default).

CONFIGURATION mode

ip ssh server port number

2 On Switch 1, enable SSH.

CONFIGURATION mode

ip ssh server enable

3 On Switch 2, invoke SCP.

CONFIGURATION mode

copy scp: flash:

4 On Switch 2, in response to prompts, enter the path to the desired le and enter the port number specied in Step 1.

EXEC Privilege mode

Example of Using SCP to Copy from an SSH Server on Another Switch

Other SSH-related commands include:

• crypto key generate: generate keys for the SSH server.

• debug ip ssh: enables collecting SSH debug information.

• ip scp topdir: identify a location for les used in secure copy transfer.

• ip ssh authentication-retries: congure the maximum number of attempts that should be used to authenticate a user.

• ip ssh connection-rate-limit: congure the maximum number of incoming SSH connections per minute.

• ip ssh hostbased-authentication enable: enable host-based authentication for the SSHv2 server.

• ip ssh key-size: congure the size of the server-generated RSA SSHv1 key.

• ip ssh password-authentication enable: enable password authentication for the SSH server.

• ip ssh pub-key-file: specify the le the host-based authentication uses.

• ip ssh rhostsfile: specify the rhost le the host-based authorization uses.

• ip ssh rsa-authentication enable: enable RSA authentication for the SSHv2 server.

Security

895