CLI: SSH

You can use the ssh command to enable SSH access the system

ssh server {restrict|enable|host-key|listen|min-version|ports|x11-forwarding}

To restrict a network objecta logical definition created and stored in the Exinda lilbrary, can represent any network component from accessing the SSH server:

ssh server restrict <network-object>

To enable SSH access to the system:

ssh server enable <server-name>

To set a new RSA or DSA host key:

ssh server host-key <key> {private-key|public-key}

  • private-key - Set the new private key for host keys of the specified type
  • public-key - Set the new public key for host keys of the specified type

To generate a new RSA or DSA host key:

ssh server host-key generate

To enable SSH interface restrictions on access to the system:

ssh server listen enable

To add an interface to the SSH server access restriction list:

ssh server listen interface <interface-name>

To specify the minimum version of the SSH protocol that is supported:

ssh server min-version <version-number>

To set the ports the SSH server listens on:

ssh server ports <port-number>

To enable x11 forwarding on the SSH server:

ssh server x11-forwarding enable

Configuring SSH clients

ssh client {global|user}

To configure whether the SSH client checks for a host key from the list of known host keys:

ssh client global host-key-check [yes|no|ask]

To add a global SSH client known host entry:

ssh client global known-host <known host entry>

To configure the authorized key for the specified SSH user:

ssh client user <user name> authorized-key sshv2

To identify the type of key used by the SSH user:

ssh client user <user name> identity <key type>

To set the known host for the SSH user:

ssh client user <user name> known-host <known host>

Viewing SSH configurations

show ssh {client|server}

To display the parameters of the SSH client:

show ssh client <client-name>

To display the parameters of the SSH server:

show ssh server <server-name>

To display the settings of the SSH server with full host keys:

show ssh server host-keys <server-name>