DELL S6000-ON User Manual
Troubleshooting SSH
To troubleshoot SSH, use the following information.
You may not bind id_rsa.pub to RSA authentication while logged in via the console. In this case, this
message displays:%Error: No username set for this term.
Enable host-based authentication on the server (Dell Networking system) and the client (Unix machine).
The following message appears if you attempt to log in via SSH and host-based is disabled on the client.
In this case, verify that host-based authentication is set to “Yes” in the file ssh_config (root permission is
required to edit this file): permission denied (host based).
You may not bind id_rsa.pub to RSA authentication while logged in via the console. In this case, this
message displays:%Error: No username set for this term.
Enable host-based authentication on the server (Dell Networking system) and the client (Unix machine).
The following message appears if you attempt to log in via SSH and host-based is disabled on the client.
In this case, verify that host-based authentication is set to “Yes” in the file ssh_config (root permission is
required to edit this file): permission denied (host based).
If the IP address in the RSA key does not match the IP address from which you attempt to log in, the
following message appears. In this case, verify that the name and IP address of the client is contained in
the file /etc/hosts: RSA Authentication Error.
following message appears. In this case, verify that the name and IP address of the client is contained in
the file /etc/hosts: RSA Authentication Error.
Telnet
To use Telnet with SSH, first enable SSH, as previously described.
By default, the Telnet daemon is enabled. If you want to disable the Telnet daemon, use the following
command, or disable Telnet in the startup config. To enable or disable the Telnet daemon, use the [no]
ip telnet server enable command.
The Telnet server or client is VRF-aware. You can enable a Telnet server or client to listen to a specific
VRF by using the vrf vrf-instance-name parameter in the telnet command. This capability
enables a Telent server or client to look up the correct routing table and establish a connection.
command, or disable Telnet in the startup config. To enable or disable the Telnet daemon, use the [no]
ip telnet server enable command.
The Telnet server or client is VRF-aware. You can enable a Telnet server or client to listen to a specific
VRF by using the vrf vrf-instance-name parameter in the telnet command. This capability
enables a Telent server or client to look up the correct routing table and establish a connection.
Example of Using Telnet for Remote Login
Dell(conf)#ip telnet server enable
Dell(conf)#no ip telnet server enable
VTY Line and Access-Class Configuration
Various methods are available to restrict VTY access in Dell Networking OS. These depend on which
authentication scheme you use — line, local, or remote.
Table 67. VTY Access
Authentication Method VTY access-class
support?
Username access-class
support?
Remote authorization
support?
Line
YES
NO
NO
Local
NO
YES
NO
TACACS+
YES
NO
YES (with Dell
Networking OS version
5.2.1.0 and later)
Networking OS version
5.2.1.0 and later)
Security
823