Reference Guide
742 | Security
www.dell.com | support.dell.com
• show crypto: Display the public part of the SSH host-keys.
•
show ip ssh client-pub-keys: Display the client public keys used in host-based authentication.
•
show ip ssh rsa-authentication: Display the authorized-keys for the RSA authentication.
•
ssh-peer-stack-unit: Open an SSH connection to the peer stack-unit.
Secure Shell Authentication
Secure Shell (SSH) is disabled by default. Enable it using the command ip ssh server enable.
SSH supports three methods of authentication:
• SSH Authentication by Password
• RSA Authentication of SSH
• Host-based SSH Authentication
Important Points to Remember for SSH Authentication
• If more than one method is enabled, the order in which the methods are preferred is based on the
ssh_config file on the Unix machine.
• When all the three authentication methods are enabled, password authentication is the backup method
when the RSA method fails.
• The files known_hosts and known_hosts2 are generated when a user tries to SSH using version 1 or
version 2, respectively.
SSH Authentication by Password
Authenticate an SSH client by prompting for a password when attempting to connect to the Dell
Networking system. This is the simplest methods of authentication and uses SSH version 1.
Enable SSH password authentication using the command
ip ssh password-authentication enable from
CONFIGURATION mode. View your SSH configuration using the command
show ip ssh from EXEC
Privilege mode.
Figure 41-8. Enabling SSH Password Authentication
FTOS(conf)#ip ssh server enable
% Please wait while SSH Daemon initializes ... done.
FTOS(conf)#ip ssh password-authentication enable
FTOS#sh ip ssh
SSH server : enabled.
Password Authentication : enabled.
Hostbased Authentication : disabled.
RSA Authentication : disabled.