Users Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking S3100 Series

1221

ssh

Open an SSH connection specifying the hostname, username, encryption cipher, HMAC algorithm, port number, and version of the SSH

client.

Syntax

NOTE: Some of the parameters in this command require licensing to access. For more information,

contact your Dell Networking representative.

ssh [vrf vrf-name] {hostname | ipv4 address | ipv6 address} [-c encryption

cipher | -l username | -m HMAC algorithm | -p port-number | -v {1 | 2}]

Parameters

vrf

vrf-name

(OPTIONAL) Enter the keyword vrf aand then the name of the VRF to specify the VRF

used with the SSH session.

NOTE: The VRF configured using this command has a higher precedence

than the VRF configured using the ip ssh vrf vrf-name command. If you

do not configure a VRF using this command, then the SSH client uses the

configured VRF (if any). If there is a mismatch between VRFs that are

configured using the ip ssh source-interface command and the ssh

vrf vrf-name command, then an error is reported.

hostname

(OPTIONAL) Enter the IP address or the host name of the remote device.

vrf instance

(OPTIONAL) E-Series Only: Enter the keyword vrf then the VRF Instance name to open

an SSH connection to that instance.

ipv4 address

(OPTIONAL) Enter the IP address in dotted decimal format A.B.C.D.

ipv6-address

prefix-length

(OPTIONAL) Enter the IPv6 address in the x:x:x:x::x format then the prefix length in

the /x format. The range is from /0 to /128.

NOTE: The :: notation specifies successive hexadecimal fields of zeros.

-c

encryption

cipher

Enable the “FIPS mode enable", this mode will support only v2 client.

"no fips mode enable"(disable) will support v1 & v2 client. This comment is applicable for

both ciphers & HMAC algorithms:

• 3des-cbc: Force ssh to use 3des-cbc encryption cipher.

• aes128-cbc : Force ssh to use aes128-cbc encryption cipher

• aes192-cbc : Force ssh to use aes192-cbc encryption cipher

• aes256-cbc : Force ssh to use aes256-cbc encryption cipher

• aes128-ctr : Force ssh to use aes128-ctr encryption cipher

• aes192-ctr : Force ssh to use aes192-ctr encryption cipher

• aes256-ctr : Force ssh to use aes256-ctr encryption cipher

-l

username

(OPTIONAL) Enter the keyword -l then the user name used in this SSH session. The

default is the user name of the user associated with the terminal.

-m

HMAC

algorithm

Enter one of the following HMAC algorithms to use. (For v2 clients only):

"no fips mode enable"(disable) will support v1 & v2 client.

• hmac-md5: Force ssh to use hmac-md5 HMAC algorithm.

• hmac-md5-96: Force ssh to use hmac-md5-96 HMAC algorithm.

• hmac-sha1: Force ssh to use hmac-sha1 HMAC algorithm.

• hmac-sha1-96 : Force ssh to use hmac-sha1-96 HMAC algorithm.

• hmac-sha2-256 : Force ssh to use hmac-sha2-256 HMAC algorithm.

-p

port-number

(OPTIONAL) Enter the keyword -p then the port number. The range is from 1 to 65535.

The default is 22.

-v {1 | 2} (OPTIONAL) Enter the keyword -v then the SSH version 1 or 2. The default is the

version from the protocol negotiation.

Defaults As shown in the Parameters section.

Security 1227