beautypg.com

Validating the server configuration, Adding ssh users – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1372

background image

Secure Shell (SSH) Introduction

Software Reference for x310 Series Switches

52.6

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

Validating the Server Configuration

To validate the SSH server configuration, use the command:

Adding SSH Users

The SSH server requires you to register SSH users. Users that are not registered cannot
access the SSH server. Ensure first that you have defined the user in the Authorized User
Database of your device. To add a new user, use the command:

To register a user with the SSH server, use the command:

Registered entries can contain just the username, or the username with some host details,
such as an IP address range. Additionally you can specify a range of users or hostname
details by using an asterisk to match any string of characters. For example, to allow any
user from the IP range 192.168.1.1 to 192.168.1.255, use the command:

To display the list of allowed users, use the command:

To delete an entry from the list of allowed users, use the command:

The SSH server also contains a list of denied users. The server checks all incoming sessions
against this list and denies any matching session, regardless of whether the session
matches an entry in the allowed users list. To add an entry to the list of denied users, use
the command:

This allows you to deny specific users from a range of allowed users. For example, to deny
a user with the IP address 192.168.1.12, use the command:

To display the database of denied users, use the command:

awplus(config)#

show running-config ssh

awplus(config)#

username USERNAME (privilege 1-15) password
PASSWORD

awplus(config)#

ssh server allow-users
[]

awplus(config)#

ssh server allow-users * 192.168.1.*

awplus#

show ssh server allow-users

awplus(config)#

no ssh server allow-users
[]

awplus(config)#

ssh server deny-users
[]

awplus(config)#

ssh server deny-users * 192.168.1.12

awplus#

show ssh server deny-users