Configuring SSH and Telnet Parameters



Configuring the SSH Connection Limit

admin@XorPlus# set system services ssh protocol-version v2 
admin@XorPlus# set system services ssh connection-limit 5
admin@XorPlus# commit 
Waiting for merging configuration.
Commit OK.
Save done.
admin@XorPlus# 

Enabling and Disabling Inband Service

By default, SSH with inband interfaces are disabled. You can enable inband services by entering the command below.

  • Set the L3 VLAN interface VLAN400 in the default VRF as the in-band management port.
admin@Xorplus# set system inband vlan-interface VLAN400
admin@Xorplus# commit
  • Set the loopback interface IP in the default VRF as the in-band management IP.
admin@Xorplus# set system inband loopback 192.168.10.1
admin@Xorplus# commit
  • Set the routed interface rif-ge3 in the default VRF as the in-band management port.
admin@Xorplus# set system inband routed-interface rif-ge3
admin@Xorplus# commit


Configuring the Idle Timeout for SSH User

admin@Xorplus# set system services ssh idle-timeout 60
admin@XorPlus# commit 
Waiting for merging configuration.
Commit OK.
Save done.
admin@XorPlus# 

Configuring the Port Number of the SSH server

Users can use this command to configure the new port number of SSH server to prevent attackers from accessing the standard port of SSH service and ensure security. The default listening port number of the SSH server is 22.

Note that, if the modified port number is not 22, the client needs to specify port number when logging in using SSH.

admin@Xorplus# set system services ssh port 30
admin@Xorplus# commit


Enabling Telnet Service

The Pica8 switch supports functioning as a telnet server. To enable the telnet server function, users can enable the telnet service.

The following command enables telnet service on the device.

NOTEs:

  • Telnet service is insecure. Do not enable a telnet server if you don't know what exactly it may mean.
  • Limit to a maximum of 20 connections within 10 seconds.
  • Terminate the session in 60 seconds if the connection is not successful.


admin@PICOS# set system services telnet disable false
admin@PICOS# commit



Copyright © 2024 Pica8 Inc. All Rights Reserved.