DGS-6604
m
ssh
CLI Reference Guide
838
ssh
To start an encrypted session with a remote networking device, use the
ssh
command in user EXEC mode.
ssh [-c
{
3des | aes128-cbc | aes256-cbc
}
] [-m
{
hmac-md5 | hmac-sha1 | hmac-sha1-96
}
] [-p
PORT-NUMBER
] -l
USERNAME
{
IP-ADDRESS | IPV6-ADDRESS
}
Default
None
Command Mode
Management interface mode or User EXEC mode.
Usage Guideline
The
ssh
command enables a device to make a secure, encrypted connection to
another device running an SSH Version 2 server. This connection provides
functionality that is similar to that of an outbound Telnet connection except that
the connection is encrypted. With authentication and encryption, the SSH client
allows for a secure communication over an insecure network.
ssh
command is allowed under both management interface mode and User
EXEC mode. For User EXEC mode, the outgoing physical interfaces does not
include management interface. If you are going to use ssh to login a device
which can be reached only via the management port, you should use
ssh
command under management interface mode by entering
mgmt-if
command
first.
Example
The following example shows how to ssh to the ip address 20.74.19.200 with
default port 22 (optional port parameter is provided). The ip address of
20.74.19.200 is management interface which allows user to long in.
Syntax Description
-c
{
3des | aes128-cbc
| aes256-cbc
}
(Optional) Specifies the crypto algorithm, 3DES, AES128-CBC or AES256-CBC,
to use for encrypting data.
If you do not specify the -c keyword, during negotiation, the remote networking
device sends all the supported crypto algorithms.
-m
{
hmac-md5 |
hmac-sha1 | hmac-
sha1-96
}
(Optional) Specifies a Hashed Message Authentication Code (HMAC) algorithm,
HMAC-MD5, HMAC-SHA1 or HMAC-SHA-96.
If you do not specify the -c keyword, during negotiation, the remote networking
device sends all the supported crypto algorithms.
-p
PORT-NUMBER
(Optional) The TCP port number. TCP ports are numbered between 1 and
65535. A commonly used TCP port for the SSH protocol is 22.
-l
USERNAME
Specifies the
USERNAME
to use when logging on to the remote networking
device running the SSH server.
IP-ADDRESS
IPv4 address of the host.
IPV6-ADDRESS
IPv6 address if the host.