6-16
IPv6 Management Security Features
Secure Shell for IPv6
Note As with IPv4, the switch only supports SSH version 2. You cannot set up an
SSH session with a client device running SSH version 1.
For complete information on how to configure SSH for encrypted, authenti-
cated transactions between the switch and SSH-enabled client devices, refer
to the “Configuring Secure Shell (SSH)” chapter in the Access Security
Guide.
Syntax:. [no] ip ssh
Enables SSH on the switch and activates the connection
with a configured SSH server (RADIUS or TACACS+).
To disable SSH on the switch, enter the no ip ssh com-
mand.
[ip-version < 4 | 6 | 4or6 >]
IP version used for SSH connections on the switch:
4 accepts SSH connections only from IPv4 clients.
6 accepts SSH connections only from IPv6 clients.
4or6 accepts SSH connections from either IPv4 or IPv6
clients. (Default: 4or6).
To disable SSH connections with IPv4 clients, enter the
ip ssh ip-version 6 command; to disable SSH connections
with IPv6 clients, enter the ip ssh ip-version 4 command.
[port < 1-65535 | default >]
TCP port number used for SSH sessions in IPv4 and
IPv6 connections (Default: 22).
Valid port numbers are from 1 to 65535, except for port
numbers 23, 49, 80, 280,443, 1506, 1513 and 9999,
which are reserved for other subsystems.
[timeout < 5 - 120 >]
Timeout value allowed to complete an SSH authentica-
tion and login on the switch (Default: 120 seconds).
[filetransfer]
Enables SSH on the switch to connect to an SCP or SFTP
client application to transfer files to and from the
switch over IPv4 or IPv6.
For more information, see “Secure Copy and Secure
FTP for IPv6” on page 6-18.