Dell™ PowerConnect™ 3324/3348 Switch CLI Guide
Use the ip http port global configuration command to specify the TCP port to be used by the SSH server. To use the default port, use the no form of this command.
ip ssh port port-number
no ip ssh port
The default value is 22.
Global Configuration Mode
There are no user guidelines for this command.
The following example specifies the port to be used by the SSH server.
Console (config)# ip ssh port 8080 |
Use the ip ssh server global configuration command to enable the device to be configured from SSH. To disable this function use the no form of this command.
ip ssh server
no ip ssh server
This default is enabled to be configured from SSH.
Global Configuration Mode
If encryption keys are not generated, the SSH server is in standby until the keys are generated. To generate SSH server keys, use the commands crypto key generate rsa, and crypto key generate dsa.
The following example enables the device to be configured from a SSH server.
Console (config)# ip ssh server |
Use the ip ssh server global configuration command to generate DSA key pairs.
crypto key generate dsa
DSA key pairs do not exist.
Global Configuration Mode
DSA keys are generated in pairs, one public DSA key and one private DSA key. If the device already has DSA keys, a warning and prompt to replace the existing keys with new keys is displayed.
This command is not saved in the startup configuration, however, the keys generated by this command are saved in the running configuration (which is never displayed to the user or backed up to another device).
The following example generates DSA key pairs.
Console (config)# crypto key generate dsa This may take several minutes depending on the length. Console (config)# |
Use the crypto key generate rsa global configuration command to generate RSA key pairs.
crypto key generate rsa
RSA key pairs do not exist.
Global Configuration Mode
DSA keys are generated in pairs, one public DSA key and one private DSA key. If the device already has DSA keys, a warning and prompt to replace the existing keys with new keys is displayed.
This command is not saved in the startup configuration, however, the keys generated by this command are saved in the running configuration (which is never displayed to the user or backed up to another device).
The following example generates RSA key pairs.
Console (config)# crypto key generate rsa This may take several minutes depending on the length. Console (config)# |
Use the ip ssh pubkey-auth global configuration command to enable public key authentication for incoming SSH sessions. To disable this function, use the no form of this command.
ip ssh pubkey-auth
no ip ssh pubkey-auth
The function is disabled.
Global Configuration Mode
AAA authentication is independent.
The following example enables public key authentication for incoming SSH sessions.
Console (config)# ip ssh pubkey-auth |
Use the crypto key pubkey-chain ssh global configuration command to enter SSH Public Key-Chain Configuration Mode. The mode is used to manually specify other device public keys such as SSH client public keys.
crypto key pubkey-chain ssh
By default there are no keys.
Global Configuration Mode
There are no user guidelines for this command.
The following example enters the SSH Public Key-Chain Configuration Mode.
Console(config)# crypto key pubkey-chain ssh Console(config-pubkey-chain)# |
Use the user-key SSH public key-chain configuration command to specify which SSH public key is manually configured and enters the SSH public key-string configuration command. To remove a SSH public key, use the no form of this command.
user-key username
no user-key username
By default there are no keys.
SSH Public Key-Chain Configuration Mode
Follow this command with the key-string command to specify the key.
The following example enables a SSH public key to be manually configured for the SSH public-key chain.
Console(config)# crypto key pubkey-chain ssh Console(config-pubkey-chain)# user-key bob Console(config-pubkey-key)# |
Use the key-string SSH public key-string configuration command to manually specify a SSH public key.
key-string {rsa | dss}
By default the keys do not exist.
SSH Public Key-string configuration
Use this command to specify which SSH public key to manually configure next.
UU-encoded DER format is the same format in authorized_keys file used by OpenSSH.
To complete the command, enter the row with no characters.
The following example enters public key strings for SSH public key clients.
Use the show ip ssh privileged EXEC command to display the SSH server configuration.
show ip ssh
This command has no default configuration.
Privileged EXEC Mode
There are no user guidelines for this command.
The following example displays the SSH server configuration.
Use the show crypto key mypubkey privileged EXEC command to display the SSH public keys on the device.
show crypto key mypubkey [rsa | dsa]
This command has no default configuration.
Privileged EXEC Mode
There are no user guidelines for this command.
The following example displays the SSH public keys on the device.
Use the show crypto key pubkey-chain ssh privileged EXEC command to display SSH public keys stored on the device.
show crypto key pubkey-chain ssh [username username] [fingerprint bubble-babble | hex]
This command has no default configuration.
Privileged EXEC Mode
There are no user guidelines for this command.
The following example displays all SSH public keys stored on the device.
The following example displays the SSH public key called bob.
