SSH Parameters
Secure Shell (SSH) parameters are described in the table below.
SSH Parameters
Parameter |
Description |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
'Enable SSH Server' configure system > cli-settings > ssh [SSHServerEnable] |
Enables the device's embedded SSH server.
|
||||||||||||
'Redundant Device Server Port' configure system > cli-settings > ssh-red-device-port [SSHRedundantProxyPort] |
Defines the proxy SSH port number on the active device for accessing the redundant device's embedded SSH server from the active device for downloading files from the redundant device. The valid value is any valid port number. The default port is 0 (i.e., disabled). Note:
|
||||||||||||
'Public Key' configure system > cli-settings > ssh-require-public-key [SSHRequirePublicKey] |
Enables RSA or ECDSA public keys for SSH.
Note:
|
||||||||||||
'Max Payload Size' ssh-max-payload-size [SSHMaxPayloadSize] |
Defines the maximum uncompressed payload size (in bytes) for SSH packets. The valid value is 550 to 32768. The default is 32768. |
||||||||||||
'Max Binary Packet Size' configure system > cli-settings > ssh-max-binary-packet-size [SSHMaxBinaryPacketSize] |
Defines the maximum packet size (in bytes) for SSH packets. The valid value is 582 to 35000. The default is 35000. |
||||||||||||
'Maximum SSH Sessions' configure system > cli-settings > ssh-max-sessions [SSHMaxSessions] |
Defines the maximum number of simultaneous SSH sessions. The valid range is 1 to 5. The default |
||||||||||||
'Enable Last Login Message' configure system > cli-settings > ssh-last-login-message [SSHEnableLastLoginMessage] |
Enables message display in SSH sessions of the time and date of the last SSH login. The message displays the number of unsuccessful login attempts since the last successful login.
Note: The last SSH login information is cleared when the device restarts. |
||||||||||||
'Max Login Attempts configure system > cli-settings > ssh-max-login-attempts [SSHMaxLoginAttempts] |
Defines the maximum SSH login attempts allowed for entering an incorrect password by an administrator before the SSH session is rejected. The valid range is 1 to 5. The default is 3. Note: The new setting takes effect only for new subsequent SSH connections. |
||||||||||||
'Kex Algorithms String' configure system > cli-settings > ssh-kex-algorithms-string [SSHKexAlgorithmsString] |
Defines the SSH Key Exchange Algorithms. The valid values include:
You can configure the parameter with multiple values, using the colon (:) as a separator. For example, diffie-hellman-group1-sha1:diffie-hellman-group-exchange-sha256. The default is diffie-hellman-group1-sha1:diffie-hellman-group-exchange-sha256. |
||||||||||||
'Ciphers String' configure system > cli-settings > ssh-ciphers-string [SSHCiphersString] |
Defines the SSH cipher string. The valid values include:
You can configure the parameter with multiple values, using the colon (:) as a separator. For example, aes128-ctr:aes128-cbc. The default is aes128-ctr:aes128-cbc. |
||||||||||||
'MACs String' configure system > cli-settings > ssh-macs-string [SSHMACsString] |
Defines the SSH MAC algorithms. The valid value is hmac-sha1 or hmac-sha2-256. You can configure the parameter with both values using the colon (:) as a separator, for example, hmac-sha1:hmac-sha2-256. The default is hmac-sha1:hmac-sha2-256. |