Restricting ssh connection, Defining the telnet idle time, Access – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual
The following command allows Telnet access to the Brocade device to a host with any IP address and
MAC address 0000.000f.e9a0.
device(config)#telnet client any 0000.000f.e9a0
Syntax: [no] telnet client any mac-addr
Restricting SSH connection
You can restrict SSH connection to a device based on the client IP address or MAC address.
To allow SSH access to the Brocade device only to the host with IP address 10.157.22.39 and MAC
address 0000.000f.e9a0, enter the following command.
device(config)#ip ssh client 10.157.22.39 0000.000f.e9a0
Syntax: [no] ip ssh client { ip-addr | ipv6-addr mac-addr }
To allow SSH access to the Brocade device to a host with any IP address and MAC address
0000.000f.e9a0, enter the following command.
device(config)#ip ssh client any 0000.000f.e9a0
Syntax: [no] ip ssh client any mac-addr
Defining the Telnet idle time
You can define how many minutes a Telnet session can remain idle before it is timed out. An idle Telnet
session is a session that is still sending TCP ACKs in response to keepalive messages from the device,
but is not being used to send data.
To configure the idle time for a Telnet session, use the following command.
device(config)#telnet timeout 120
Syntax: [no] telnet timeout minutes
For minutes enter a value from 0 - 240. The default value is 0 minutes (no timeout).
Specifying the maximum number of login attempts for Telnet access
If you are connecting to the Brocade device using Telnet, the device prompts you for a username and
password. By default, you have up to 4 chances to enter a correct username and password. If you do
not enter a correct username or password after 4 attempts, the Brocade device disconnects the Telnet
session.
You can specify the number of attempts a Telnet user has to enter a correct username and password
before the device disconnects the Telnet session. For example, to allow a Telnet user up to 5 chances
to enter a correct username and password, enter the following command.
device(config)#telnet login-retries 5
Syntax: [no] telnet login-retries number
You can specify from 0 - 5 attempts. The default is 4 attempts.
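The following audit script is an added example, not part of the Brocade guide. It checks a saved configuration against the settings described above: client entries that accept any IP address, the Telnet idle timeout, and the login-retries range. It assumes the saved configuration lists these commands in the same form as they are entered; the sample configuration and the function name audit are constructed for illustration.

```python
import re

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
telnet client any 0000.000f.e9a0
ip ssh client 10.157.22.39 0000.000f.e9a0
ip ssh client any 0000.000f.e9a0
telnet timeout 0
telnet login-retries 7
"""

MAC = r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}"
CLIENT = re.compile(rf"^(telnet|ip ssh) client (\S+) ({MAC})$", re.I)
NUMERIC = re.compile(r"^telnet (timeout|login-retries) (\d+)$")
LIMITS = {"timeout": (0, 240), "login-retries": (0, 5)}  # ranges from the guide


def audit(config_text):
    """Return a list of (line, finding) tuples for the access settings above."""
    findings = []
    seen = set()
    for raw in config_text.splitlines():
        line = raw.strip()
        m = CLIENT.match(line)
        if m and m.group(2).lower() == "any":
            findings.append((line, "any source IP accepted; restricted by MAC only"))
        m = NUMERIC.match(line)
        if m:
            key, value = m.group(1), int(m.group(2))
            seen.add(key)
            low, high = LIMITS[key]
            if not low <= value <= high:
                findings.append((line, f"{key} outside documented range {low}-{high}"))
            elif key == "timeout" and value == 0:
                findings.append((line, "idle Telnet sessions never time out"))
    # Assumption: an absent 'telnet timeout' line means the default of 0 applies.
    if "timeout" not in seen:
        findings.append(("(no telnet timeout line)", "default 0: idle sessions never time out"))
    return findings


if __name__ == "__main__":
    for line, finding in audit(SAMPLE_CONFIG):
        print(f"{line!r}: {finding}")
```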
FastIron Ethernet Switch Security Configuration Guide
53-1003088-03