Use the SSH Configuration page to view and modify the SSH (Secure Shell) server settings on the device. SSH is a network protocol that enables access to the CLI management interface by using an SSH client on a remote administrative system. SSH is a more secure access method than Telnet because it encrypts communication between the administrative system and the device. This page also allows you to download or generate SSH host keys for secure CLI-based management.
To access this page, click
in the navigation menu.Field | Description |
---|---|
SSH Admin Mode | Enables or disables the SSH server administrative mode. When this mode is enabled, the device can be accessed by using an SSH client on a remote system. |
SSH Port | The TCP (Transmission Control Protocol) port number on
which the SSH server listens for requests. Existing SSH login sessions are not
affected by a change in this value, although establishment of any new SSH
sessions must use the new port number. Before changing this value, verify that the desired port number is not currently being used by any other service. |
SSH Version 1 | When this option is selected, the SSH server on the device can accept connections from an SSH client using SSH-1 protocol. If the option is clear, the device does not allow connections from clients using the SSH-1 protocol. |
SSH Version 2 | When this option is selected, the SSH server on the device can accept connections from an SSH client using SSH-2 protocol. If the option is clear, the device does not allow connections from clients using the SSH-2 protocol. |
SSH Connections Currently in Use | The number of active SSH sessions between remote SSH clients and the SSH server on the device. |
Maximum number of SSH Sessions Allowed | The maximum number of SSH sessions that may be connected to the device simultaneously. |
SSH Session Timeout (minutes) | The SSH session inactivity timeout value. A connected user that does not exhibit any SSH activity for this amount of time is automatically disconnected from the device. |
RSA Key Status | The status of the SSH-1 RSA key file or SSH-2 RSA key file (PEM Encoded) on the device, which might be Present, Absent, or Generation in Progress. |
DSA Key Status | The status of the SSH-2 DSA key file (PEM Encoded) on the device, which might be Present, Absent, or Generation in Progress. |
Download Certificates (Button) |
Use this button to download an SSH-1 RSA, SSH-2 RSA, or SSH-2 DSA key file from a remote system to the device. After you click the button, a Download Certificate window opens. Select the file type to download, browse to the location on the remote system, and select the file to upload. Then, click Begin Transfer. The Status field provides information about the file transfer. |
Generate Certificate (Button) |
Use this button to manually generate an RSA key or DSA key on the device. |
Delete Certificates (Button) |
Use this button to delete an RSA key or DSA key that has been downloaded to the device or manually generated on the device. |
If you change any of the parameters, click Submit to apply the changes to the system. If you want the switch to retain the new values across a power cycle, you must save the configuration.