Configuring the ssh server, Creating a host key, Enabling the server – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Secure Shell (SSH) Introduction

Software Reference for x310 Series Switches

52.4

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

Configuring the SSH Server

This section provides instructions on:

■

Creating a Host Key

■

Enabling the Server

■

Modifying the Server

■

Validating the Server Configuration

■

Adding SSH Users

■

Authenticating SSH Users

■

Adding a Login Banner

■

Monitoring the Server and Managing Sessions

■

Debugging the Server

Creating a Host Key

The SSH server uses either an RSA or DSA host key to authenticate itself with SSH clients.
This key must be configured before the SSH server can operate. If no host key exists, you
cannot start the SSH server.

Once created, the host key is stored securely on the device. To generate a host key for the
SSH server, use the command:

This command has two parameters for creating RSA keys. The rsa parameter creates a host
key for SSH version 2 sessions only. To create a host key for SSH version 1 sessions, use the
rsa1 parameter.

To destroy a host key, use the command:

To display a host key stored on your device, use the command:

Enabling the Server

You must enable the SSH server before connections from SSH, SCP, and SFTP clients are
accepted. When the SSH server is disabled it rejects connections from SSH clients. The SSH
server is disabled by default on your device.

To enable the SSH server, use the command:

To disable the SSH server, use the command:

awplus(config)#

crypto key generate hostkey {dsa|rsa|rsa1}
[<768-32768>]

awplus(config)#

crypto key destroy hostkey {dsa|rsa|rsa1}

awplus(config)#

show crypto key hostkey [dsa|rsa|rsa1]

awplus(config)#

service ssh [ip|ipv6]

awplus(config)#

no service ssh [ip|ipv6]