beautypg.com

Ssh server allow-users – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1415

background image

Secure Shell (SSH) Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

54.33

ssh server allow-users

This command adds a username pattern to the allow list of the SSH server. If the user of an
incoming SSH session matches the pattern, the session is accepted.

When there are no registered users in the server’s database of allowed users, the SSH
server does not accept SSH sessions even when enabled.

SSH server also maintains the deny list. The server checks the user in the deny list first. If a
user is listed in the deny list, then the user access is denied even if the user is listed in the
allow list.

The no variant of this command deletes a username pattern from the allow list of the SSH
server. To delete an entry from the allow list, the username and hostname pattern should
match exactly with the existing entry.

Syntax

ssh server allow-users <username-pattern> [<hostname-pattern>]

no ssh server allow-users <username-pattern> [<hostname-pattern>]

Mode

Global Configuration

Examples

To allow the user john to create an SSH session from any host, use the commands:

To allow the user john to create an SSH session from a range of IP address (from
192.168.1.1 to 192.168.1.255), use the commands:

To allow the user john to create a SSH session from a-company.com domain, use the
commands:

Parameter

Description

The username pattern that users can match to. An asterisk
acts as a wildcard character that matches any string of
characters.

<hostname-pattern>

The host name pattern that hosts can match to. If specified,
the server allows the user to connect only from hosts
matching the pattern. An asterisk acts as a wildcard
character that matches any string of characters.

awplus#

configure terminal

awplus(config)#

ssh server allow-users john

awplus#

configure terminal

awplus(config)#

ssh server allow-users john 192.168.1.*

awplus#

configure terminal

awplus(config)#

ssh server allow-users john *.a-company.com