Services Configure SSH access
IX20 User Guide
662
l
Asingle IPaddress or host name.
l
Anetwork designation in CIDRnotation, for example, 2001:db8::/48.
l
any: No limit to IPv6 addresses that can access the SSH service.
d. Click again to list additional IPaddresses or networks.
n
To limit access to hosts connected through a specified interface on the IX20 device:
a. Click Interfaces.
b. For Add Interface, click .
c. For Interface, select the appropriate interface from the dropdown.
d. Click again to allow accessthrough additional interfaces.
n
To limit access based on firewall zones:
a. Click Zones.
b. For Add Zone, click .
c. For Zone, select the appropriate firewall zonefrom the dropdown.
See Firewall configuration for information about firewall zones.
d. Click again to allow accessthrough additional firewall zones.
6. Multicast DNS(mDNS) is enabled by default. mDNSis a protocol that resolveshost namesin
small networksthat do not have a DNSserver. To disable mDNS, or enable it if it has been
disabled, click Enable mDNS.
7. For Private key, type the private key in PEMformat. If Private key isblank, the device will use
an automatically-generated key.
8. To create custom SSH configuration settings:
a. Click to expand Custom configuration.
b. Click Enable.
c. For Override:
n
If Override isenabled, entriesin Configuration file will be used in place of the
standard SSH configuration.
n
If Override isnot enabled, entries in Configuration file will be added to the
standard SSH configuration.
d. For Configuration file, typeconfiguration settings in the form of an OpenSSH sshd_config
file.
For example, to enable the diffie-helman-group-sha-14 key exchange algorithm:
i. Click Enable to enable SSH custom configuration.
ii. Leave Override disabled.
iii. For Configuration file, type the following:
KexAlgorithms +diffie-hellman-group14-sha1
9. Click Apply to savethe configuration and apply the change.
Command line
1. Select the device in Remote Manager and click Actions> Open Console, or log into the IX20
local command line as a user with full Admin access rights.
To Next Page
Loading...
Need help?
General