CLI: SSH
You can use the ssh command to enable SSH access the system
ssh server {restrict|enable|host-key|listen|min-version|ports|x11-forwarding}
To restrict a network objecta logical definition created and stored in the Exinda lilbrary, can represent any network component from accessing the SSH server:
ssh server restrict <network-object>
To enable SSH access to the system:
ssh server enable <server-name>
To set a new RSA or DSA host key:
ssh server host-key <key> {private-key|public-key}
private-key- Set the new private key for host keys of the specified typepublic-key- Set the new public key for host keys of the specified type
To generate a new RSA or DSA host key:
ssh server host-key generate
To enable SSH interface restrictions on access to the system:
ssh server listen enable
To add an interface to the SSH server access restriction list:
ssh server listen interface <interface-name>
To specify the minimum version of the SSH protocol that is supported:
ssh server min-version <version-number>
To set the ports the SSH server listens on:
ssh server ports <port-number>
To enable x11 forwarding on the SSH server:
ssh server x11-forwarding enable
Configuring SSH clients
ssh client {global|user}
To configure whether the SSH client checks for a host key from the list of known host keys:
ssh client global host-key-check [yes|no|ask]
To add a global SSH client known host entry:
ssh client global known-host <known host entry>
To configure the authorized key for the specified SSH user:
ssh client user <user name> authorized-key sshv2
To identify the type of key used by the SSH user:
ssh client user <user name> identity <key type>
To set the known host for the SSH user:
ssh client user <user name> known-host <known host>
Viewing SSH configurations
show ssh {client|server}
To display the parameters of the SSH client:
show ssh client <client-name>
To display the parameters of the SSH server:
show ssh server <server-name>
To display the settings of the SSH server with full host keys:
show ssh server host-keys <server-name>