beautypg.com

Generating a host key pair, Show ip ssh config command output information – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 260

background image

242

Multi-Service IronWare Security Configuration Guide

53-1003035-02

SSH server version 2 support

5

TABLE 34

show ip ssh config command output information.

Generating a host key pair

When SSH server is configured, a public and private host DSA key pair is generated for the device.
The SSH server on the device uses this host DSA key pair, along with a dynamically generated
server DSA key pair, to negotiate a session key and encryption method with the client trying to
connect to it.

Field

Description

SSH server

Whether the SSH server is enabled or disabled.

SSH server port

SSH server port number

Encryption

The encryption used for the SSH server connection. The following values
are displayed when AES only is enabled:

AES-256, AES-192, and AES-128 indicate the different AES
methods used for encryption.

3-DES indicates 3-DES algorithm is used for encryption.

Permit empty password

Whether an empty password login is allowed or not allowed.

Authentication methods

The authentication methods used for SSH server. The authentication
can have one or more of the following values:

Password - Indicates that you are prompted for a password when
attempting to log in to the device.

Public-key - Indicates that DSA challenge-response authentication
is enabled.

Interactive - Indicates the interactive authentication si enabled.

Authentication retries

The number of authentication retries. This number can be from 1
through 5.

Login timeout (seconds)

SSH server login timeout value in seconds. This value can be from 0
through 120.

Idle timeout (minutes)

SSH server idle timeout value in minutes. This value can be from 0
through 240.

Strict management VRF

Whether the strict management VRF is enabled or disabled.

SCP

Whether SCP is enabled or disabled.

SSH server IPv4 clients

The list of IPv4 addresses to which SSH server access is allowed. The
default is “All”.

SSH server IPv6 clients

The list of IPv4 addresses to which SSH server access is allowed. The
default is “All”.

SSH server IPv4 access-list

The IPv4 ACL used to permit or deny access to the device using SSH
server.

SSH server IPv6 access-list

The IPv6 ACL used to permit or deny access to the device using SSH
server.

See also other documents in the category Brocade Computer Accessories: