Configuring ssh/scp – Nortel Networks WEB OS 212777 User Manual

Web OS 10.0 Application Guide

Chapter 5: Secure Switch Management

n

111

212777-A, February 2002

Configuring SSH/SCP

SSH/SCP parameters can be configured only via the console port, using the CLI. The switch
SSH daemon uses TCP port 22 only and is not configurable.

To enable or disable the SSH/SCP feature, use the following commands:

To set the interval of RSA server key autogeneration, use this command:

where the number of hours must range between 0–24, and a value of 0 denotes that RSA server
key autogeneration is disabled. When greater than 0, the switch will auto-generate the RSA
server key every interval specified; however, RSA server key generation will be skipped if the
switch is busy doing other key or cipher generation when the timer expires.

To enable or disable the SCP apply and save (SCP

putcfg_apply

and

putcfg_apply_save

commands), use these commands:

The following commands are useful for obtaining information about the current SSH/SCP-
related configuration:

To apply the pending changes from the new configuration, use this command:

N

OTE

–

If SSH/SCP is enabled and an

apply

command is issued, the switch will automati-

cally generate the RSA host and server keys if they are not available. It will take several min-
utes to complete this process.

>> # /cfg/sys/sshd/on

(Turn SSH/SCP on)

>> # /cfg/sys/sshd/off

(Turn SSH/SCP off)

>> # /cfg/sys/sshd/intrval

>> # /cfg/sys/sshd/ena

(Enable SSH/SCP apply and save)

>> # /cfg/sys/sshd/dis

(Disable SSH/SCP apply and save)

>> # /cfg/sys/sshd/cur

(View current SSH/SCP settings)

>> # diff

(View pending changes)

>> # apply