Configuring Secure Shell (SSH)
Configuring the Switch for SSH Operation
[port < 1-65535 | default >]
The TCP port number for SSH connections (default: 22).
Important: See “Note on Port Number” on page 7-18.
[public-key <manager | operator>]
Configures a client public key.
manager: Select manager public keys (ASCII formatted).
operator: Select operator public keys (ASCII formatted).
[timeout < 5 - 120 >]
Sets the maximum length of time (in seconds) allowed
for initial protocol negotiation and authentication.
Default: 120 seconds
Note on Port ProCurve recommends using the default TCP port number (22). However, you
Number
can use ip ssh port to specify any TCP port for SSH connections except those
reserved for other purposes. Examples of reserved IP ports are 23 (Telnet)
and 80 (http). Some other reserved TCP ports on the switch are 49, 80, 1506,
and 1513.
ProCurve(config) ip ssh
Enable SSH
ProCurve(config)# show ip ssh
SSH Enabled : Yes Secure Copy Enabled : No
TCP Port Number : 22 Timeout (sec) : 120
Host Key Type : RSA Host Key Size : 1024
Ciphers : aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,
rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
MACs : hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
Ses Type | Source IP Port
--- -------- + ---------------------------------------------- -----
1 console |
2 telnet |
3 ssh | 12.255.255.255
4 inactive |
With SSH running, the switch allows one console
5 inactive |
session and up to five other sessions (SSH and/or
6 inactive |
Telnet). Web browser sessions are also allowed, but
do not appear in the show ip ssh listing.
Figure 7-10. Example of Enabling IP SSH and Displaying the SSH Configuration
7-18
