Users Guide
Conguring DNS in the SSH Server
Dell EMC Networking provides support to enable the DNS in SSH server conguration for host-based authentication. You can specify
whether the SSH Server should look up the remote host name and check whether the resolved host name for the remote IP address maps
to the same IP address. By default, the DNS in the SSH server conguration is disabled.
To enable the DNS in the SSH server conguration, use the following command.
• Enable the DNS in the SSH server conguration.
CONFIGURATION mode
[no] ip ssh server dns enable
To disable the DNS in the SSH server conguration, use the no version of this command.
NOTE: You can use the ip ssh server dns enable command only in Full-Switch mode.
Example of DNS Conguration in SSH Server Connections
To view the status of DNS in the SSH server conguration, use the show running-config ip ssh command from EXEC mode.
DellEMC#show running-config ip ssh
!
ip ssh server dns enable
ip ssh hostbased-authentication enable
no ip ssh password-authentication enable
ip ssh server enable
Telnet
To use Telnet with SSH, rst enable SSH, as previously described.
By default, the Telnet daemon is enabled. If you want to disable the Telnet daemon, use the following command, or disable Telnet in the
startup cong. To enable or disable the Telnet daemon, use the [no] ip telnet server enable command.
Example of Using Telnet for Remote Login
DellEMC(conf)#ip telnet server enable
DellEMC(conf)#no ip telnet server enable
VTY Line and Access-Class Conguration
Various methods are available to restrict VTY access in . These depend on which authentication scheme you use — line, local, or remote.
Table 71. VTY Access
Authentication Method VTY access-class support? Username access-class
support?
Remote authorization support?
Line YES NO NO
Local NO YES NO
TACACS+ YES NO YES (with version 5.2.1.0 and
later)
RADIUS YES NO YES (with version 6.1.1.0 and
later)
provides several ways to congure access classes for VTY lines, including:
740
Security