Understanding the SSH2 Client Functions on the Switch

An Extreme Networks switch can function as an SSH2 client. This means you can connect from the switch to a remote device running an SSH2 server and send commands to that device. You can also use SCP2 to transfer files to and from the remote device.
Note

Note

ExtremeXOS 15.7.1 upgraded from openssh-3.9p1 to openssh-6.5p1. ExtremeXOS 21.1 adds the openssl-fips-ecp-2.0.9 open source library. ExtremeXOS 22.5 upgraded from openssh-6.5p1 to openssh-7.5p1. ExtremeXOS 30.7 upgraded from openssh-7.5p1 to openssh-8.1p1

Support for following ciphers and macs are removed in ExtremeXOS 30.7, since these are not supported in openssh 8.1p1:
  • Ciphers: blowfish-cbc, cast128-cbc, arcfour, arcfour256, arcfour128
  • MACs: hmac-ripemd160-etm@openssh.com, hmac-ripemd160, hmac-ripemd160@openssh.com
Note

Note

When upgrading to ExtremeXOS 30.7, if unsupported ciphers/MACs are:
  • Enabled in the saved configuration, the configuration is ignored during configuration load. The dirty bit is set and an error message appears:. <Erro:exsshd.LoadCfgCipherUnsuprt> <Erro:exsshd.LoadCfgMACUnsuprt>.
  • Disabled (by default or intentional) in the saved configuration, the configuration is ignored silently during configuration load. The dirty bit is set and an error messages do not appear.

You do not need to enable SSH2 or generate an authentication key to use the SSH2 and SCP2 commands from the ExtremeXOS CLI.

Note

Note

User-created VRs are supported only on the platforms listed for this feature in the Switch Engine 32.2 Feature License Requirements document.