Chapter 64 System Remote Management
ZyWALL Series CLI Reference Guide
64.4 SSH
Unlike Telnet or FTP, which transmit data in clear text, SSH (Secure Shell) is a secure communication
protocol that combines authentication and data encryption to provide secure encrypted
communication between two hosts over an unsecured network.
64.4.1 SSH Implementation on the Zyxel Device
Your Zyxel Device supports SSH using RSA authentication and the following encryption methods: AES,
3DES, Arcfour, Blowfish. The SSH server is implemented on the Zyxel Device for remote management on
port 22 (by default).
64.4.2 Requirements for Using SSH
You must install an SSH client program on a client computer (Windows or Linux operating system) that is
used to connect to the Zyxel Device over SSH.
64.4.3 SSH Commands
The following table describes the commands available for SSH. You must use the configure terminal
command to enter the configuration mode before you can use these commands.
Table 307 Command Summary: SSH
COMMAND
    DESCRIPTION

ssh {user@W.X.Y.Z | or W.X.Y.Z}
    Sets the user name where W.X.Y.Z is an IPv4 address or domain of an SSH client.

[no] ip ssh server
    Allows SSH access to the Zyxel Device CLI. The no command disables SSH access to the
    Zyxel Device CLI.

[no] ip ssh server cert certificate_name
    Sets a certificate whose corresponding private key is to be used to identify the Zyxel
    Device for SSH connections. The no command resets the certificate used by the SSH server
    to the factory default (default).
    certificate_name: The name of the certificate. You can use up to 31 alphanumeric and
    ;‘~!@#$%^&()_+[]{}’,.=- characters.

[no] ip ssh server port <1..65535>
    Sets the SSH service port number. The no command resets the SSH service port number to
    the factory default (22).

ip ssh server rule {rule_number|append|insert rule_number} access-group {ALL|address_object} zone {ALL|zone_object} action {accept|deny}
    Sets a service control rule for SSH service.
    address_object: The name of the IP address (group) object. You may use 1-31 alphanumeric
    characters, underscores (_), or dashes (-), but the first character cannot be a number.
    This value is case-sensitive.
    zone_object: The name of the zone. For some Zyxel Device models, use up to 31 characters
    (a-zA-Z0-9_-). The name cannot start with a number. This value is case-sensitive.
    For other Zyxel Device models, use pre-defined zone names like DMZ, LAN1, SSL VPN,
    IPSec VPN, OPT, and WAN.

ip ssh server rule move rule_number to rule_number
    Changes the index number of an SSH service control rule.
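
Added example (not part of the Zyxel guide): a small Python linter that checks saved ip ssh server lines against the syntax and naming limits in Table 307, and flags a rule that accepts SSH from ALL addresses in ALL zones. The sample lines and the object names in them (MGMT_HOSTS, 1admin) are constructed for illustration.

```python
import re

# Object-name rule from Table 307: 1-31 characters of a-zA-Z0-9_-, not starting with a digit.
NAME = re.compile(r"(?![0-9])[A-Za-z0-9_-]{1,31}")
# Multi-word pre-defined zone names listed in the table (the others already fit NAME).
PREDEFINED_ZONES = {"SSL VPN", "IPSec VPN"}
RULE = re.compile(
    r"ip ssh server rule (?:\d+|append|insert \d+) "
    r"access-group (?P<addr>\S+) zone (?P<zone>.+) action (?P<action>\S+)")
PORT = re.compile(r"ip ssh server port (?P<port>\d+)")

def lint(lines):
    """Return (line_number, message) findings for SSH service control commands."""
    findings = []
    for n, raw in enumerate(lines, 1):
        line = " ".join(raw.split())  # normalise whitespace
        if m := PORT.fullmatch(line):
            if not 1 <= int(m["port"]) <= 65535:
                findings.append((n, "port outside 1..65535"))
        elif line.startswith("ip ssh server rule move "):
            continue  # reordering command, nothing to validate here
        elif line.startswith("ip ssh server rule "):
            m = RULE.fullmatch(line)
            if not m:
                findings.append((n, "does not match the rule syntax"))
                continue
            addr, zone, action = m["addr"], m["zone"], m["action"]
            if addr != "ALL" and not NAME.fullmatch(addr):
                findings.append((n, f"invalid address_object name {addr!r}"))
            if zone != "ALL" and zone not in PREDEFINED_ZONES and not NAME.fullmatch(zone):
                findings.append((n, f"invalid zone_object name {zone!r}"))
            if action not in ("accept", "deny"):
                findings.append((n, f"action must be accept or deny, got {action!r}"))
            elif action == "accept" and addr == zone == "ALL":
                findings.append((n, "accepts SSH from any address in any zone"))
    return findings

# Constructed sample configuration lines; object names are hypothetical.
SAMPLE = [
    "ip ssh server port 22",
    "ip ssh server rule append access-group MGMT_HOSTS zone LAN1 action accept",
    "ip ssh server rule append access-group 1admin zone WAN action accept",
    "ip ssh server rule append access-group ALL zone ALL action accept",
    "ip ssh server port 70000",
]

if __name__ == "__main__":
    for n, msg in lint(SAMPLE):
        print(f"line {n}: {msg}")
```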