An Extreme Networks switch can function as an SSH2 client. This means you can connect from
the switch to a remote device running an SSH2 server and send commands to that device. You
can also use SCP2 to transfer files to and from the remote device.
Note
ExtremeXOS
15.7.1 upgraded from openssh-3.9p1 to openssh-6.5p1. ExtremeXOS 21.1 adds the
openssl-fips-ecp-2.0.9 open source library. ExtremeXOS 22.5 upgraded from
openssh-6.5p1 to openssh-7.5p1. ExtremeXOS 30.7 upgraded from
openssh-7.5p1 to openssh-8.1p1
Support for following ciphers and macs are removed in
ExtremeXOS 30.7, since these are not supported in openssh 8.1p1:
- Ciphers: blowfish-cbc,
cast128-cbc, arcfour, arcfour256, arcfour128
- MACs:
hmac-ripemd160-etm@openssh.com, hmac-ripemd160, hmac-ripemd160@openssh.com
Note
When upgrading to
ExtremeXOS 30.7, if
unsupported ciphers/MACs are:
- Enabled in the saved configuration, the configuration is ignored during
configuration load. The dirty bit is set and an error message appears:.
<Erro:exsshd.LoadCfgCipherUnsuprt>
<Erro:exsshd.LoadCfgMACUnsuprt>.
- Disabled (by default or intentional) in the saved configuration, the
configuration is ignored silently during configuration load. The dirty bit is set and
an error messages do not appear.
You do not need to enable SSH2 or generate an authentication key to use
the SSH2 and SCP2 commands from the ExtremeXOS CLI.
-
To send commands to a remote system using SSH2, use the
following command:
ssh2
{cipher [cipher} {mac
mac} {compression [on | off]}
{port
port} {user
username} {vr
vr_name} user@host {remote_command}
The remote commands can be any command acceptable
by the remote system. You can specify the login user name as a separate argument or as
part of the user@host specification. If the login user name for the remote system is the
same as your user name on the switch, you can omit the username parameter entirely.
For example, to obtain a directory listing
from a remote Linux system with IP address 10.10.0.2 using SSH2, enter the following
command:ssh2 admin@10.10.0.2 ls
-
To initiate a file copy from a remote system to the switch
using SCP2, use the following command:
scp2
{cipher
cipher} {mac
mac} {compression [on | off]}
{port
port} {vr
vr_name} [ user@host:file
local-file | local-file
user@host:file ]
For example, to copy the configuration file test.cfg
on host system1 to the switch, enter the following command:
scp2 admin@system1:test.cfg localtest.cfg
-
To initiate a file copy to a remote system from the switch
using SCP2, use the following command:
scp2
{cipher
cipher} {mac
mac} {compression [on | off]}
{port
port} {vr
vr_name} [ user@host:file
local-file | local-file
user@host:file ]
For example, to copy the configuration file engineering.cfg
from the switch to host system1, enter the following command:
scp2 engineering.cfg admin@system1:engineering.cfg
