Secure Shell (SSH) Server Upgrade

OpenSSH server listens for incoming connections. After authenticating, the server provides the client either shell access or access to the CLI, or performs a file transfer of configuration files. The server uses various services in ExtremeXOS including AAA for authentication, Policy Manager for access control, Session Manager for session reporting, and EMS for logging.

SSHServer is migrated from SSH toolkit to OpenSSH, where the SSH server is added as part of the exsshd process. ExtremeXOS 21.1 supports SSH protocol version 2 from OpenSSH. Although the SSH server is added to exsshd, the key generation is not performed by exsshd. This is done separately by another module from OpenSSH, ssh-keyGen, which is invoked from exsshd. The generated key is stored in /etc/ssh/ssh_host_dsa_key and /etc/ssh/ssh_host_dsa_key.pub. The same format is used for any keys that are imported to OpenSSH.

Supported Platforms

Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X620, X440-G2 series switches

Limitations

  • Keyboard interactive authentication is not supported.
  • Host key algorithms are not configurable.