Netgear XCM8810 - 8800 SERIES 10-SLOT CHASSIS SWITCH User's Manual

NETGEAR 8800 User Manual
Chapter 17. Security
the switch but is not associated with any user. The key can then be associated with the
user via the CLI.
You can also enter or paste the key using the CLI. There cannot be any carriage returns or
new lines in the key. See the appropriate reference page in the NETGEAR 8800 Chassis
Switch CLI Manual for additional details.
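Client tools usually export public keys line-wrapped, which conflicts with the no-carriage-return, no-newline rule above. The following is an added example, not part of the NETGEAR manual: a workstation-side helper that flattens an RFC 4716 or OpenSSH one-line public key into a single string and checks that it decodes as an SSH key blob. It assumes the switch takes the base64 key body (confirm the exact format in the CLI manual); the function names and the sample key are constructed for illustration.

```python
import base64
import struct

def flatten_public_key(text):
    """Return (key_type, one_line_base64) for an RFC 4716 or OpenSSH public key."""
    lines = [ln.strip() for ln in text.replace("\r", "\n").split("\n") if ln.strip()]
    if lines and lines[0].startswith("---- BEGIN SSH2 PUBLIC KEY"):
        body, in_header = [], False
        for ln in lines[1:]:
            if ln.startswith("---- END SSH2 PUBLIC KEY"):
                break
            if in_header:                   # continuation of a wrapped header line
                in_header = ln.endswith("\\")
            elif ":" in ln:                 # header such as "Comment: ..."
                in_header = ln.endswith("\\")
            else:                           # base64 never contains ':'
                body.append(ln)
        b64 = "".join(body)
    elif len(lines) == 1 and len(lines[0].split()) >= 2:
        b64 = lines[0].split()[1]           # OpenSSH: "<type> <base64> [comment]"
    else:
        raise ValueError("unrecognised public key format")
    # validate=True rejects any stray whitespace or non-base64 character
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])    # length-prefixed algorithm name
    if n == 0 or 4 + n > len(blob):
        raise ValueError("malformed key blob")
    return blob[4:4 + n].decode("ascii"), b64

def constructed_sample():
    """Build a line-wrapped RFC 4716 file around a constructed (not real) blob."""
    blob = struct.pack(">I", 7) + b"ssh-rsa" + bytes(range(90))
    b64 = base64.b64encode(blob).decode()
    wrapped = "\r\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    text = ("---- BEGIN SSH2 PUBLIC KEY ----\r\n"
            'Comment: "constructed sample, \\\r\nnot a real key"\r\n'
            + wrapped + "\r\n---- END SSH2 PUBLIC KEY ----\r\n")
    return text, b64

if __name__ == "__main__":
    key_type, one_line = flatten_public_key(constructed_sample()[0])
    print(key_type)
    print(one_line)                         # single line, safe to paste
```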
The host and user public keys can be written to a file in the config directory using the
create sshd2 key-file command. This enables the administrator to copy the public key to an
outside server.
Enabling SSH2
To enable SSH2, use the following command:
enable ssh2 {access-profile [<access_profile> | none]} {port <tcp_port_number>} {vr [<vr_name> | all | default]}
 
You can also specify a TCP port number to be used for SSH2 communication. By default the 
TCP port number is 22. The switch accepts IPv6 connections.
Before you initiate a session from an SSH2 client, ensure that the client is configured for any 
non-default access list or TCP port information that you have configured on the switch. After 
these tasks are accomplished, you may establish an SSH2-encrypted session with the 
switch. Clients must have a valid user name and password on the switch in order to log in to 
the switch after the SSH2 session has been established. 
Up to eight active SSH2 sessions can run on the switch concurrently. If you enable the idle
timer using the enable idletimeout command, the SSH2 connection times out after 20
minutes of inactivity by default. If you disable the idle timer using the disable idletimeout
command, the SSH2 connection times out after 61 minutes of inactivity. If a connection to an
SSH2 session is lost inadvertently, the switch terminates the session within 61 minutes.
For additional information on the SSH protocol, see the Federal Information Processing
Standards Publication (FIPSPUB) 186, Digital Signature Standard, 18 May 1994. This can be
downloaded from: ftp://ftp.cs.hut.fi/pub/ssh. General technical information is also available from:
Viewing SSH2 Information
To view the status of SSH2 sessions on the switch, use the following command:
show management
 
The show management command displays information about the switch including the
enable/disable state for SSH2 sessions and whether a valid key is present.