Manualshelf

Administrator Guide

ManualsBrandsDell ManualsserversDell Force10 MXL Blade
691692693694695696697698699700
Secure Shell Authentication
Secure Shell (SSH) is disabled by default.
Enable SSH using the ip ssh server enable command.
SSH supports three methods of authentication:
Enabling SSH Authentication by Password
Using RSA Authentication of SSH
Conguring Host-Based SSH Authentication
Important Points to Remember
If you enable more than one method, the order in which the methods are preferred is based on the ssh_cong le on the Unix
machine.
When you enable all the three authentication methods, password authentication is the backup method when the RSA method
fails.
The les known_hosts and known_hosts2 are generated when a user tries to SSH using version 1 or version 2, respectively.
Enabling SSH Authentication by Password
Authenticate an SSH client by prompting for a password when attempting to connect to the Dell Networking system. This setup is
the simplest method of authentication and uses SSH version 1.
To enable SSH password authentication, use the following command.
Enable SSH password authentication.
CONFIGURATION mode
ip ssh password-authentication enable
Example of Enabling SSH Password Authentication
To view your SSH conguration, use the show ip ssh command from EXEC Privilege mode.
Dell(conf)#ip ssh server enable
% Please wait while SSH Daemon initializes ... done.
Dell(conf)#ip ssh password-authentication enable
Dell#sh ip ssh
SSH server : enabled.
Password Authentication : enabled.
Hostbased Authentication : disabled.
RSA Authentication : disabled.
Vty Encryption
Using RSA Authentication of SSH
The following procedure authenticates an SSH client based on an RSA key using RSA authentication. This method uses SSH version
2.
1. On the SSH client (Unix machine), generate an RSA key, as shown in the following example.
2. Copy the public key id_rsa.pub to the Dell Networking system.
3. Disable password authentication if enabled.
CONFIGURATION mode
no ip ssh password-authentication enable
4. Bind the public keys to RSA authentication.
EXEC Privilege mode
ip ssh rsa-authentication enable
5. Bind the public keys to RSA authentication.
696
Security