ssh
Connects to a remote server by means of the Secure Shell (SSH) protocol.
Syntax
ssh
{
IP_address
|
hostname
}
[
-c
|
-l
|
-m |
interface {ethernet
slot/port | management |
ve vlan-id } |
vrf
vrf-name
] }
Command Default
SSH connects to port 22.
Parameters
-
IP_address
- Specifies the server IP address in IPv4 or IPv6 format.
-
hostname
- Specifies the host name, a string from 1 through 253 characters.
-
-c
- Specifies the encryption algorithm for the SSH session. This parameter is optional. Supported algorithms include the following:
- aes128-cbc
- AES 128-bits
- aes192-cbc
- AES 192-bits
- aes256-cbc
- AES 256-bits
-
-l
username
- Login name for the remote server. This parameter is optional. If you specify a user name, you will be prompted for a password. If you do not specify a user name, the command assumes you are logging in as root and will prompt for the root password.
-
-m
- Specifies the HMAC (Hash-based Message Authentication Code) message encryption algorithm. This parameter is optional; if no encryption algorithm is specified, the default (hmac-md5) is used. Supported algorithms include the following:
- hmac-md5
- MD5 128-bits. This is the default setting.
- hmac-md5-96
- MD5 96-bits
- hmac-sha1
- SHA1 160-bits
- hmac-sha1-96
- SHA1 96-bits
-
interface
- Specifies an interface.
-
ethernet
slot/port
- Specifies an Ethernet interface slot and
port number. The only supported value is 0.
- management
- Specifies the management interface.
- ve
vlan-id
- Range is from 1 through 4090 if Virtual Fabrics is disabled, and from 1 through 8191 if Virtual Fabrics is enabled.
- vrf
vrf-name
- Specifies a VRF instance. See the Usage Guidelines.
Modes
Privileged EXEC mode
Usage Guidelines
Use this command to establish an encrypted SSH connection from a switch to a remote networking device. This implementation is based on SSH v2.
To use the
ssh command on the management VRF, use the
vrf keyword and enter
mgmt-vrf manually.
The following features are not supported:
- Displaying SSH sessions
- Deleting stale SSH keys
Examples
To connect to a remote device using an SSH connection with default settings:
device# ssh 10.70.212.152
The authenticity of host '10.70.212.152 (10.70.212.152)' can't be established.
RSA key fingerprint is f0:2a:7e:48:60:cd:06:3d:f4:44:30:2a:ce:68:fe:1d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.70.212.152' (RSA) to the list of known hosts.
Password:
To connect to a remote device using an SSH connection with the management VRF:
device# ssh 10.70.212.152 vrf mgmt-vrf
To connect to a remote device using an SSH connection with a login name:
device# ssh -l admin 127.2.1.8
admin@127.2.1.8's password
