image image image image image

On This Page

ssh server enable


ssh server enable
no ssh server enable

Enables the SSH server.
The no form of the command disables the SSH server.

Syntax DescriptionN/A
DefaultEnabled
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # ssh server enable
Related Commands

show ssh server

NotesDisabling SSH server does not terminate existing SSH sessions, it only prevents new ones from being established.

ssh server host-key


ssh server host-key {<key type> {private-key <private-key>| public-key <public-key>} | generate}

Manipulates host keys for SSH.

Syntax Descriptionkey-type
  • rsa1 – RSAv1
  • rsa2 – RSAv2
  • dsa2 – DSAv2
private-keySets new private-key for the host keys of the specified type
public-keySets new public-key for the host keys of the specified type
generateGenerates new RSA and DSA host keys for SSH
DefaultSSH keys are locally generated
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # ssh server host-key dsa2 private-key
Key: ***********************************************
Confirm: ***********************************************
Related Commands

show ssh server

Notes

ssh server listen


ssh server listen {enable | interface <inf>}
no ssh server listen {enable | interface <inf>}

Enables the listen interface restricted list for SSH. If enabled, and at least one non-DHCP interface is specified in the list, the SSH connections are only accepted on those specified interfaces.
The no form of the command disables the listen interface restricted list for SSH. When disabled, SSH connections are not accepted on any interface.

Syntax DescriptionenableEnables SSH interface restrictions on access to this system
interfaceAdds interface to SSH server access restriction list
Possible values: {lo | eth0}
DefaultSSH listen is enabled
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # ssh server listen enable
Related Commands

show ssh server

Notes

ssh server min-version


ssh server min-version <version>
no ssh server min-version

Sets the minimum version of the SSH protocol that the server supports.
The no form of the command resets the minimum version of SSH protocol supported.

Syntax DescriptionversionValues: 1 or 2
Default2
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # ssh server min-version 2
Related Commands

show ssh server

Notes

ssh server ports


ssh server ports {<port1> [<port2>...]}

Specifies which ports the SSH server listens on.

Syntax DescriptionportPort number in [1...65535]
Default22
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # ssh server ports 22
Related Commands

show ssh server

Notes
  • Multiple ports can be specified by repeating the <port> parameter
  • The command will remove any previous ports if not listed in the command

ssh server x11-forwarding


ssh server x11-forwarding enable
no ssh server x11-forwarding enable

Enables X11 forwarding on the SSH server.
The no form of the command disables X11 forwarding.

Syntax DescriptionN/A
DefaultDisabled
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # ssh server x11-forwarding enable
Related Commands

show ssh server

Notes

ssh client global


ssh client global {host-key-check <policy>} | known-host <known-host-entry>}
no ssh client global {host-key-check | known-host localhost}

Configures global SSH client settings.
The no form of the command negates global SSH client settings.

Syntax Descriptionhost-key-checkSets SSH client configuration to control how host key checking is performed. This parameter may be set in 3 ways.
  • If set to "no" it always permits connection, and accepts any new or changed host keys without checking
  • If set to "ask" it prompts user to accept new host keys, but does not permit a connection if there was already a known host entry that does not match the one presented by the host
  • If set to "yes" it only permits connection if a matching host key is already in the known hosts file
known-hostAdds an entry to the global known-hosts configuration file. The entry consists of "<IP> <key-type> <key>".
Defaulthost-key-check – ask, no keys are configured by default
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # ssh client global host-key-check no
Related Commands

show ssh client

Notes

ssh client user


ssh client user <username> {authorized-key sshv2 <public key> | identity <key type> {generate | private-key [<private key>] | public-key [<public key>]} | known-host <known host> remove}
no ssh client user admin {authorized-key sshv2 <public key ID> | identity <key type>}

Adds an entry to the global known-hosts configuration file, either by generating new key, or by adding manually a public or private key.
The no form of the command removes a public key from the specified user's authorized key list, or changes the key type.

Syntax Descriptionusername

The specified user must be a valid account on the system. Possible values: admin, monitor, xmladmin, and xmluser.

authorized-key sshv2Adds the specified key to the list of authorized SSHv2 RSA or DSA public keys for this user account. These keys can be used to log into the user's account.
identitySets certain SSH client identity settings for a user, dsa2 or rsa2
generateGenerates SSH client identity keys for specified user
private-keySets private key SSH client identity settings for the user
public-keySets public key SSH client identity settings for the user
known-hostRemoves host from user's known host file
DefaultNo keys
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # ssh client user admin known-host 172.30.1.116 remove
Related Commands

show ssh client

NotesIf a key is being pasted from a cut buffer and was displayed with a paging program, it is likely that newline characters have been inserted, even if the output was not long enough to require paging. One can specify "no cli session paging enable" before running the "show" command to prevent the newlines from being inserted.

slogin


slogin [<slogin options>] <hostname>

Invokes the SSH client. The user is returned to the CLI when SSH finishes.

Syntax Descriptionslogin options

usage: slogin [-1246AaCfgkNnqsTtVvXxY] [-b bind_address] [-c cipher_spec] [-D port]
                      [-e escape_char] [-F configfile] [-i identity_file] [-L port:host:hostport]
                      [-l login_name] [-m mac_spec] [-o option] [-p port] [-R port:host:hostport]
                      [user@]hostname [command]

DefaultN/A
Configuration Modeconfig
History1.5
Example
ufmapl [ mgmt-sa ] (config) # slogin 192.168.10.70
The authenticity of host '192.168.10.70 (192.168.10.70)' can't be established.
RSA key fingerprint is 2e:ad:2d:23:45:4e:47:e0:2c:ae:8c:34:f0:1a:88:cb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.10.70' (RSA) to the list of known hosts.

Mellanox MLNX-OS Switch Management

Last login: Sat Feb 28 22:55:17 2009 from 10.208.0.121

Mellanox Switch
Related Commands


Notes

show ssh client


show ssh client

Displays the client configuration of the SSH server.

Syntax DescriptionN/A
DefaultN/A
Configuration ModeAny configuration mode
History1.5
Example
ufmapl [ mgmt-sa ] (config) # show ssh client
SSH client Strict Hostkey Checking: ask

SSH Global Known Hosts:
    Entry 1: 72.30.2.2
          Finger Print: 1e:b7:8b:ec:ab:35:98:be:6b:d6:12:c2:18:72:12:d6

No SSH user identities configured.

No SSH authorized keys configured.
Related Commands

ssh client global
ssh client user

Notes

show ssh server


show ssh server

Displays SSH server configuration.

Syntax DescriptionN/A
DefaultN/A
Configuration ModeAny configuration mode
History1.5
Example
ufmapl [ mgmt-sa ] (config) # show ssh server
SSH server configuration:
   SSH server enabled:       yes
   Minimum protocol version: 2
   X11 forwarding enabled:   no
   SSH server ports:         22

   Interface listen enabled: yes
   No Listen Interfaces.

Host Key Finger Prints:
    RSA v1 host key: a0:63:db:96:e2:95:5a:5a:fd:a8:d0:f4:ab:e3:5f:f8
    RSA v2 host key: 1e:b7:8b:ec:ab:35:98:be:6b:d6:12:c2:18:72:12:d6
    DSA v2 host key: 7c:4a:f7:72:51:67:b5:0b:cd:a2:d2:b9:f3:be:3e:68
Related Commands

ssh server

Notes