ssh

Use this command to start an SSH session to a remote host.

Syntax

ssh hostname [-4 | -6] [-b bind-address] [-c cipher-spec] [-e escape-char] [-l login-name] [-m mac-spec] [-p port] [-p] [-q] [-r] [-vrf router]

Parameters

`hostname`	Specifies the host name or IP address of the remote host this SSH session is connecting to.
-4 \| -6	(Optional) Specifies that SSH should use either IPv4 or IPv6 addresses, but not both.
-b `bind-address`	(Optional) Specifies the IP address to transmit from when there are multiple interfaces and or addresses.
-c `cipher-spec`	(Optional) Specifies a list of the cipher specifications that overrides the current cipher configuration for encrypting this session.
-e `escape-char`	(Optional) Sets the escape character for the session. Default value: ~
-l `login-name`	(Optional) Specifies the user to login as on the remote host.
-m `mac-spec`	(Optional) Specifies the MAC algorithms used for data integrity protection.
-p `port`	(Optional) Specifies the host port to connect to on the remote host. Default value: 22.
-q	(Optional) Specifies that the session will operate in quiet mode, causing all warning and diagnostic messages to be suppressed.
-r	(Optional) Specifies that normal routing table lookup should be bypassed and that the session request should be sent directly to a host on an attached network.
-vrf `router`	(Optional) Specifies the router on which to source this SSH session. Valid values: default.

Defaults

If -4 or -6 are not specified, SSH will use IPv4 and IPv6 addresses for this session.
If -b is not specified, the bind IP address is chosen by the system based upon the chosen route to the destination.
If -c is not specified, the default cipher list is used.
If -e is not specified, the default escape character ~ is used.
If -l is not specified, no login name is sent with the session request.
If -m is not specified, the default MAC algorithm list is used.
If -p is not specified, the standard default SSH port 22 is used.
If -q is not specified, warning and diagnostic messages are not suppressed for the session.
If -r is not specified, normal host routing tables will be used for this session.
If -v is not specified, SSH will not print debug messages for this session.
If -vrf is not specified, the router is inherited from the CLI context. The default router is used by this session.

Mode

All command modes.

Usage

The SSH client application is always enabled.

The -4 and -6 flags are used when the host is a domain name as opposed to a IPv4 or IPv6 address. A DNS server may return multiple responses, some of which may be IPv4 addresses and some of which may be IPv6 addresses. If the returned address type matters, then these flags let you choose which type will be accepted.

The cipher specification list is a comma-separated list of ciphers listed in the order of preference. The specified cipher list overrides the current default configuration or the configuration specified in command set ssh ciphers.

The escape character is only recognized at the beginning of a line. The escape character followed by a dot (~.) closes the connection. The escape character followed by a CTRL-Z suspends the session. The escape character followed by itself (~~) sends a single escape character. Setting the escape character to none disables any escapes and makes the session fully transparent.

The mac-spec setting is a comma-separated list of MAC algorithms listed in the order of preference. The specified MAC list overrides the current default configuration or the configuration specified in command set ssh macs.

The -r option is intended for when the route table is invalid for some reason and you are using SSH to debug it.

Example

This example shows how to start an SSH session with host 10.20.10.2 with a login name of documentation and with warning and diagnostic messages suppressed:

System(rw)->ssh -l documentation -q 10.20.10.2
System(rw)->

Published May 2016prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback