Filter
Top Products
Appendix K Router Platform User Interface Reference
Secure Shell Policy Page
K-148
User Guide for Cisco Security Manager 3.2
OL-16066-01
Field Reference
Table K-64 Secure Shell Page
Element Description
SSH Version The version of SSH to use when connecting to the router:
• 1 and 2—SSH version 1 and SSH version 2. This is the default.
• 1—SSH version 1 only.
• 2—SSH version 2 only.
Timeout The amount of time the router should wait for the SSH client to respond
during the negotiation phase before disconnecting. The default value (and
the maximum) is 120 seconds.
Note After negotiation finishes and the EXEC session begins, the timeout
configured for the VTY line applies. See VTY Line Dialog
Box—Setup Tab, page K-132.
Authentication Retries The number of times the router attempts to authenticate SSH clients. Valid
values range from 0 to 5. The default is 3.
Source Interface The source address for all SSH packets sent to the SSH client.
If you do not define a value in this field, the address of the closest interface
to the destination (that is, the output interface through which SSH packets
are sent) is used.
Enter the name of an interface or interface role, or click Select to display an
Object Selectors, page F-593.
If the interface role you want is not listed, click the Create button in the
selector to display the Interface Role Dialog Box, page F-464. From here
you can define an interface role object.
RSA Key Pair The name of the RSA key pair to use for SSH connections.
If you do not enter a value, the router uses the RSA key pair generated from
its hostname and domain name. This is the default.
Tip Use the CLI command show crypto key mypubkey rsa to display
the names and values of each key pair configured on the device.
These are the valid names that can be entered in this field.