Linksys DES-3028/DES-3028P/DES-3052/DES-3052P 用户手册
DES-3028 DES-3028P DES-3052 DES-3052P Layer 2 Fast Ethernet Switch CLI Reference Manual
31
SSH C
OMMANDS
The steps required to use the Secure Shell (SSH) protocol for secure communication between a remote PC (the SSH Client) and
the Switch (the SSH Server), are as follows:
the Switch (the SSH Server), are as follows:
•
Create a user account with admin-level access using the create account admin <username> <password> command. This
is identical to creating any other admin-lever user account on the Switch, including specifying a password. This password is
used to login to the Switch, once secure communication has been established using the SSH protocol.
is identical to creating any other admin-lever user account on the Switch, including specifying a password. This password is
used to login to the Switch, once secure communication has been established using the SSH protocol.
•
Configure the user account to use a specified authorization method to identify users that are allowed to establish SSH
connections with the Switch using the config ssh authmode command. There are three choices as to the method SSH will
use to authorize the user, and they are password, publickey and hostbased.
connections with the Switch using the config ssh authmode command. There are three choices as to the method SSH will
use to authorize the user, and they are password, publickey and hostbased.
•
Configure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the SSH Client and the
SSH Server.
SSH Server.
•
Finally, enable SSH on the Switch using the enable ssh command.
After following the above steps, users can configure an SSH Client on the remote PC and manage the Switch using secure, in-
band communication.
The Secure Shell (SSH) commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the
following table.
band communication.
The Secure Shell (SSH) commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the
following table.
Command Parameters
enable ssh
disable ssh
config ssh authmode
[password | publickey | hostbased] [enable | disable]
show ssh authmode
config ssh server
{maxsession <int 1-8> | contimeout <sec 120-600> | authfail <int
2-20> | rekey [10min | 30min | 60min | never]
2-20> | rekey [10min | 30min | 60min | never]
show ssh server
config ssh user
<username> authmode [hostbased [hostname <domain_name>
| hostname_IP <domain_name> <ipaddr>] | password |
publickey]
| hostname_IP <domain_name> <ipaddr>] | password |
publickey]
show ssh user authmode
config ssh algorithm
[3DES | AES128 | AES192 | AES256 | arcfour | blowfish |
cast128 | twofish128 | twofish192 | twofish256 | MD5 | SHA1 |
RSA | DSA] [enable | disable]
cast128 | twofish128 | twofish192 | twofish256 | MD5 | SHA1 |
RSA | DSA] [enable | disable]
show ssh algorithm
config ssh regenerate hostkey
Each command is listed, in detail, in the following sections.
206