ZyXEL Communications 3.1 ユーザーズマニュアル
Chapter 38 System Remote Management
ZyWALL (ZLD) CLI Reference Guide
289
38.4.3 SSH Commands
The following table describes the commands available for SSH. You must use the
configure
terminal
command to enter the configuration mode before you can use these commands.
38.4.4 SSH Command Examples
This command sets a service control rule that allowed the computers with the IP addresses
matching the specified address object to access the specified zone using SSH service.
matching the specified address object to access the specified zone using SSH service.
This command sets a certificate (Default) to be used to identify the ZyWALL.
Table 172
Command Summary: SSH
COMMAND
DESCRIPTION
[no] ip ssh server
Allows SSH access to the ZyWALL CLI. The no command
disables SSH access to the ZyWALL CLI.
disables SSH access to the ZyWALL CLI.
[no] ip ssh server cert certificate_name
Sets a certificate whose corresponding private key is to be
used to identify the ZyWALL for SSH connections. The no
command resets the certificate used by the SSH server to
the factory default (
used to identify the ZyWALL for SSH connections. The no
command resets the certificate used by the SSH server to
the factory default (
default
).
certificate_name
: The name of the certificate. You can use
up to 31 alphanumeric and ;‘~!@#$%^&()_+[]{}’,.=-
characters.
[no] ip ssh server port <1..65535>
Sets the SSH service port number. The no command resets
the SSH service port number to the factory default (22).
the SSH service port number to the factory default (22).
ip ssh server rule {rule_number|append|insert
rule_number} access-group {ALL|address_object}
zone {ALL|zone_object} action {accept|deny}
Sets a service control rule for SSH service.
address_object
: The name of the IP address (group) object.
You may use 1-31 alphanumeric characters, underscores(
_
),
or dashes (-), but the first character cannot be a number.
This value is case-sensitive.
This value is case-sensitive.
zone_object
: The name of the zone. For the ZyWALL USG
300 and above, use up to 31 characters (a-zA-Z0-9_-). The
name cannot start with a number. This value is case-
sensitive.
name cannot start with a number. This value is case-
sensitive.
The ZyWALL USG 200 and lower models use pre-defined
zone names like DMZ, LAN1, SSL VPN, WLAN, IPSec VPN,
OPT, and WAN.
zone names like DMZ, LAN1, SSL VPN, WLAN, IPSec VPN,
OPT, and WAN.
ip ssh server rule move rule_number to rule_number
Changes the index number of a SSH service control rule.
[no] ip ssh server v1
Enables remote management using SSH v1. The no
command stops the ZyWALL from using SSH v1.
command stops the ZyWALL from using SSH v1.
no ip ssh server rule rule_number
Deletes a service control rule for SSH service.
show ip ssh server status
Displays SSH settings.
Router# configure terminal
Router(config)# ip ssh server rule 2 access-group Marketing zone WAN action accept
Router# configure terminal
Router(config)# ip ssh server cert Default