Configuring the Secure Shell protocol using EDM

Use the following procedure to configure the Secure Shell (SSH) protocol for replacing Telnet and providing secure access to ACLI interface.

Prerequisites

  • Open one of the supported browsers.

  • Enter the IP address of the switch to open an EDM session.

Procedure steps

  1. From the navigation tree, double-click Security.

  2. In the Security tree, double-click SSH.

  3. In the SSH tab, configure the parameters as required.

  4. In the toolbar, click Apply.

Variable definitions

Use the data in the following table to configure SSH.

Variable Value
Enable Enables or disables SSH RSA authentication.
Version Displays the SSH version.
Port Displays the SSH connection port. Value ranges between 1 and 65535.
Timeout Displays the SSH connection timeout in seconds. Value ranges between 1 and 120.
Retries Displays the number of SSH authentication retries configured on the switch. Value ranges between 1–100.
KeyAction
Specifies the SSH key action. Available options are:
  • generateDsa

  • deleteDsa

DsaAuth Enables or disables SSH DSA authentication.
PassAuth Enables or disables SSH RSA authentication.
DsaHostKeyStatus Indicates the current status of the SSH DSA host key. If the DSA host key has not yet been generated, the value is notGenerated(1). If it has already been generated, the value is generated(2). If it is currently being generated, the value is generating(3).
TftpServerInetAddressType Indicates the type of address stored in the TFTP server.
TftpServerInetAddress Specifies the IP address stored in the TFTP server for all TFTP operations.
TftpFile Indicates the name of file for the TFTP transfer.
TftpAction Specifies the action for the TFTP transfer.
TftpResult Displays the result of the last TFTP action request.
SshAuthKeyFilename Specifies the SSH authentication key file to download.
UsbTargetUnit Specifies the unit number of the USB port to use for file uploads and downloads. Values range from 1 to 9. Values 1 to 8 apply to a USB port in a switch stack. Value 9 applies to a stand-alone switch.
Action (DnldSshAuthKeyFromUsb) Specifies to download the SSH authentication key using the USB port.
Status
Indicates the status of the latest SSH authentication key download using the USB port. Values include the following:
  • other—no action taken since the switch startup

  • inProgress—authentication key download is in progress

  • success—authentication key download completed successfully

  • fail—authentication key download failed