Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

SCP : Enabled

SSH IPv4 clients : All

SSH IPv6 clients : All

SSH IPv4 access-group :

SSH IPv6 access-group :

SSH Client Keys :

Brocade#

Syntax: show ip ssh config

This display shows the following information.

Field

Description

SSH server

SSH server is enabled or disabled

SSH port

SSH port number

Encryption

The encryption used for the SSH connection. The following values are displayed when
AES only is enabled:

• AES-256, AES-192, and AES-128 indicate the different AES methods used for

encryption.

• 3-DES indicates 3-DES algorithm is used for encryption.

Permit empty password Empty password login is allowed or not allowed.

Authentication methods The authentication methods used for SSH. The authentication can have one or more of

the following values:

• Password - indicates that you are prompted for a password when attempting to log

into the device.

• Public-key - indicates that DSA or RSA challenge-response authentication is

enabled.

• Interactive - indicates the interactive authentication si enabled.

Authentication retries

The number of authentication retries. This number can be from 1 to 5.

Login timeout (seconds) SSH login timeout value in seconds. This can be from 0 to 120.

Idle timeout (minutes)

SSH idle timeout value in minutes. This can be from 0 to 240.

Strict management VRF Strict management VRF is enabled or disabled.

SCP

SCP is enabled or disabled.

SSH IPv4 clients

The list of IPv4 addresses to which SSH access is allowed. The default is "All".

SSH IPv6 clients

The list of IPv4 addresses to which SSh access is allowed. Default "All".

SSH IPv4 access-list

The IPv4 ACL used to permit or deny access using SSH.

SSH IPv6 access-list

The IPv6 ACL used to permit or deny access to device using SSH.

SSH2 and SCP

92

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03