Command Reference Guide

ManualsBrandsNEC ManualsBlade ServersNEC N8406-026 10Gb L3 Switch

Error! Use the Home tab to apply 見出し 1 to the text that you want to appear here. 10

The supported SSH encryption and authentication methods are listed below.

Server Host Authentication—Client RSA authenticates the switch in the beginning of every

connection

Key Exchange—RSA

Encryption:

AES256-CBC

AES192-CBC

AES128-CBC

3DES-CBC

3DES

ARCFOUR

User Authentication—Local password authentication; Remote Authentication Dial-in User Service

(RADIUS)

The following SSH clients are supported:

SSH 3.0.1 for Linux (freeware)

SecureCRT® 4.1.8 (VanDyke Technologies, Inc.)

OpenSSH_3.9 for Linux (FC 3)

SCP commands for Linux (FC3)

PuTTY Release 0.58 (Simon Tatham) for Windows

NOTE: The switch implementation of SSH is based on versions 1.5 and 2.0, and supports SSH clients

from version 1.0 through version 2.0. SSH clients of other versions are not supported. You may

configure the client software to use protocol SSH version 1 or version 2.

By default, SSH service is not enabled on the switch. Once the IP parameters are configured, you can

access the command line interface to enable SSH.

To establish an SSH connection with the switch, run the SSH program on the workstation by issuing the ssh

command, followed by the user account name and the switch IP address:

>> # ssh <user>@<10Gb Intelligent L3 Switch IP address>

You will then be prompted to enter your password.

NOTE: The first time you run SSH from the workstation, a warning message might appear. At the

prompt, enter yes to continue.

Accessing the switch

To enable better switch management and user accountability, the switch provides different levels or

classes of user access. Levels of access to the CLI and Web management functions and screens increase

as needed to perform various switch management tasks. The three levels of access are:

User—User interaction with the switch is completely passive; nothing can be changed on the switch.

Users may display information that has no security or privacy implications, such as switch statistics

and current operational state information.

Operator—Operators can only effect temporary changes on the switch. These changes will be lost

when the switch is rebooted/reset. Operators have access to the switch management features used

for daily switch operations. Because any changes an operator makes are undone by a reset of the

switch, operators cannot severely impact switch operation, but do have access to the Maintenance

menu.

Administrator—Only administrators can make permanent changes to the switch configuration,

changes that are persistent across a reboot/reset of the switch. Administrators can access switch

functions to configure and troubleshoot problems on the switch. Because administrators can also

make temporary (operator-level) changes as well, they must be aware of the interactions between

temporary and permanent changes.

Access to switch functions is controlled through the use of unique usernames and passwords. Once you

are connected to the switch via the local console, Telnet, or SSH, you are prompted to enter a password.

The password entered determines the access level. The default user names/password for each access

level is listed in the following table.