beautypg.com

Enabling empty password logins, Setting the ssh port number, Setting the ssh login timeout value – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 89

background image

The default is yes .

To deactivate password authentication, enter the following command.

device(config)#ip ssh password-authentication no

Syntax: ip ssh password--authentication { no | yes }

The default is yes .

Enabling empty password logins

By default, empty password logins are not allowed. This means that users with an SSH client are
always prompted for a password when they log into the device. To gain access to the device, each user
must have a user name and password. Without a user name and password, a user is not granted
access.

If you enable empty password logins, users are not prompted for a password when they log in. Any user
with an SSH client can log in without being prompted for a password.

To enable empty password logins, enter the following command.

device(config)#ip ssh permit-empty-passwd yes

Syntax: ip ssh permit-empty-passwd { no | yes }

Setting the SSH port number

By default, SSH traffic occurs on TCP port 22. You can change this port number. For example, the
following command changes the SSH port number to 2200.

device(config)#ip ssh port 2200

Note that if you change the default SSH port number, you must configure SSH clients to connect to the
new port. Also, you should be careful not to assign SSH to a port that is used by another service. If you
change the SSH port number, Brocade recommends that you change it to a port number greater than
1024.

Syntax: ip ssh port number

Setting the SSH login timeout value

When the SSH server attempts to negotiate a session key and encryption method with a connecting
client, it waits a maximum of 120 seconds for a response from the client. If there is no response from
the client after 120 seconds, the SSH server disconnects. You can change this timeout value to
between 1 - 120 seconds. For example, to change the timeout value to 60 seconds, enter the following
command.

device(config)#ip ssh timeout 60

Syntax: ip ssh timeout seconds

Enabling empty password logins

FastIron Ethernet Switch Security Configuration Guide

89

53-1003088-03

See also other documents in the category Brocade Computer Accessories: