41 configuring secure shell, 1 overview, 2 references – CANOGA PERKINS 9175 Configuration Guide User Manual
Page 260: 3 terminology, 4 configuring the ssh server
CanogaOS Configuration Guide
41-1
41 Configuring Secure Shell
41.1 Overview
The Secure Shell (SSH) is a protocol that provides a secure, remote connection to a
device. SSH provides more security for remote connections than Telnet does by
providing strong encryption when a device is authenticated. SSH supports the Data
Encryption Standard (DES) encryption algorithm, the Triple DES (3DES) encryption
algorithm, and password-based user authentication. The SSH feature has an SSH
server and an SSH integrated client, which are applications that run on the switch. You
can use an SSH client to connect to a switch running the SSH server. The SSH server
works with the SSH client supported in this release and with SSH clients. The SSH client
also works with the SSH server supported in this release and with SSH servers.
41.2 References
The SSH module is based on the following document:
RFC 4716, RFC 4255, RFC 4256
41.3 Terminology
Following is a brief description of terms and concepts used to describe the SSH protocol:
RSA
Rivest, Shamir, and Adelman authentication.
DES
Data Encryption Standard.
3DES
Triple Data Encryption Standard.
41.4 Configuring the SSH Server
Beginning in privileged EXEC mode, follow these steps to configure the SSH server:
DUT#configure terminal
Enter the Configure mode.
DUT(config)#ip ssh server enable
Enable SSH server globally
DUT(config)#ip ssh server version all
(Optional) Configure the switch to run SSH Version 1
or SSH Version 2 or both.
• 1—Configure the switch to run SSH Version 1.
• 2—Configure the switch to run SSH Version 2.
• all—Configure the switch to run SSH Version 1 and
Version 2.
DUT(config)#ip ssh server authentication-timeout 100
Configure the SSH control parameters:
• Specify the time-out value in seconds; the default is
120 seconds. The range is 0 to 120 seconds. This
parameter applies to the SSH negotiation phase.
DUT(config)#ip ssh server authentication-retries 3
Configure the SSH control parameters: