Filter
Top Products
CLI (Command Line Interface)
178
NXA-ENET24 - Software Management Guide
Secure Shell Commands
Command Function
ip ssh server
This command enables
the Secure Shell (SSH)
server on this switch.
Use the no form to disable
this service.
Syntax:
[no] ip ssh server
Default Setting: Disabled
Command Mode: Global Configuration
Command Usage:
• The SSH server supports up to four client sessions. The maximum number of
client sessions includes both current Telnet sessions and SSH sessions.
• The SSH server uses DSA or RSA for key exchange when the client first
establishes a connection with the switch, and then negotiates with the client to
select either DES (56-bit) or 3DES (168-bit) for data encryption.
• You must generate the host key before enabling the SSH server.
Example:
Console#ip ssh crypto host-key generate dsa
Console#configure
Console(config)#ip ssh server
Console(config)#
ip ssh timeout
This command configures
the timeout for the SSH
server.
Use the no form to restore
the default setting.
Syntax:
ip ssh timeout seconds
no ip ssh timeout
• seconds – The timeout for client response during SSH negotiation.
Range: 1-120
Default Setting: 10 seconds
Command Mode: Global Configuration
Command Usage: The timeout specifies the interval the switch will wait for a
response from the client during the SSH negotiation phase. Once an SSH session
has been established, the timeout for user input is controlled by the exec-timeout
command for vty sessions.
Example:
Console(config)#ip ssh timeout 60
Console(config)#
ip ssh authentication-
retries
This command configures
the number of times the
SSH server attempts to
reauthenticate a user.
Use the no form to restore
the default setting.
Syntax:
ip ssh authentication-retries count
no ip ssh authentication-retries
• count – The number of authentication attempts permitted after which the
interface is reset.
Range: 1-5
Default Setting: 3
Command Mode: Global Configuration
Example:
Console(config)#ip ssh authentication-retires 2
Console(config)#
ip ssh server-key size
This command sets the
SSH server key size.
Use the no form to restore
the default setting.
Syntax:
ip ssh server-key size key-size
no ip ssh server-key size
• key-size – The size of server key.
Range: 512-896 bits
Default Setting: 768 bits
Command Mode: Global Configuration
Command Usage:
• The server key is a private key that is never shared outside the switch.
• The host key is shared with the SSH client, and is fixed at 1024 bits.
Example:
Console(config)#ip ssh server-key size 512
Console(config)#