Command Line Interface Guide
Page 4
FOR PROOF ONLY 4 PRELIMINARY 9/12/06 - SSH Commands 37 Syslog Commands 38 System Management Commands 39 TACACS Commands 39 User Interface Commands 40 VLAN Commands 40 Web Server Commands 42 802.1x ...) Mode 45 IC (Interface Configuration) Mode 48 LC (Line Configuration) Mode 50 MA (Management Access-level) Mode 51 PE (Privileged User EXEC) Mode 51 SP (SSH Public Key) Mode 53 UE (User EXEC) Mode 53 VC (VLAN Configuration) Mode 55 3 Using the CLI CLI Command Modes 57 Starting the CLI 60...
FOR PROOF ONLY 4 PRELIMINARY 9/12/06 - SSH Commands 37 Syslog Commands 38 System Management Commands 39 TACACS Commands 39 User Interface Commands 40 VLAN Commands 40 Web Server Commands 42 802.1x ...) Mode 45 IC (Interface Configuration) Mode 48 LC (Line Configuration) Mode 50 MA (Management Access-level) Mode 51 PE (Privileged User EXEC) Mode 51 SP (SSH Public Key) Mode 53 UE (User EXEC) Mode 53 VC (VLAN Configuration) Mode 55 3 Using the CLI CLI Command Modes 57 Starting the CLI 60...
Command Line Interface Guide
Page 37
...the spanning tree instances on an interface. Specifies which SSH public key is disabled on that interface. Displays the SSH public keys stored on the specified interface. Enables the device to MSTP instances. Enters SSH Public Key-chain configuration mode. Configure the switch to... convert STP/RSTP packets to be used by the SSH server. Generates RSA key pairs. Displays the SSH server configuration. Manually specifies a SSH public key. Enables public key authentication for incoming SSH sessions. Enables root guard on all interfaces or on the device. Interface ...
...the spanning tree instances on an interface. Specifies which SSH public key is disabled on that interface. Displays the SSH public keys stored on the specified interface. Enables the device to MSTP instances. Enters SSH Public Key-chain configuration mode. Configure the switch to... convert STP/RSTP packets to be used by the SSH server. Generates RSA key pairs. Displays the SSH server configuration. Manually specifies a SSH public key. Enables public key authentication for incoming SSH sessions. Enables root guard on all interfaces or on the device. Interface ...
Command Line Interface Guide
Page 45
...time (daylight saving time). Sets the address table aging time. Enters SSH Public Key-chain configuration mode. Enables 802.1x globally. Adds a permanent entry in the ARP cache Specifies the device asset-tag. Enables GVRP globally. Specifies one or more authentication, authorization, and accounting ... crypto certificate import crypto key generate dsa crypto key generate rsa crypto key pubkey-chain ssh dot1x system-auto-control enable password end gvrp enable (global) hostname interface ethernet interface port-channel Description Defines authentication method lists for the system clock....
...time (daylight saving time). Sets the address table aging time. Enters SSH Public Key-chain configuration mode. Enables 802.1x globally. Adds a permanent entry in the ARP cache Specifies the device asset-tag. Enables GVRP globally. Specifies one or more authentication, authorization, and accounting ... crypto certificate import crypto key generate dsa crypto key generate rsa crypto key pubkey-chain ssh dot1x system-auto-control enable password end gvrp enable (global) hostname interface ethernet interface port-channel Description Defines authentication method lists for the system clock....
Command Line Interface Guide
Page 46
... no form of syslog messages stored in the host cache. Specifies the port to be configured from a SSH server. Identifies a specific line for incoming SSH sessions. Enables Internet Group Management Protocol (IGMP) snooping Sets the available name servers. Limits syslog messages displayed from a ...VLAN) mode. Specifies authentication methods for HTTPS. Enables the device to be used by a secure web browser to be configured from an internal buffer based on severity. 46 Command Modes www.dell.com | support.dell.com interface range ethernet interface range port-channel ...
... no form of syslog messages stored in the host cache. Specifies the port to be configured from a SSH server. Identifies a specific line for incoming SSH sessions. Enables Internet Group Management Protocol (IGMP) snooping Sets the available name servers. Limits syslog messages displayed from a ...VLAN) mode. Specifies authentication methods for HTTPS. Enables the device to be used by a secure web browser to be configured from an internal buffer based on severity. 46 Command Modes www.dell.com | support.dell.com interface range ethernet interface range port-channel ...
Command Line Interface Guide
Page 53
.... Displays information about the local user database. Specifies which SSH public key is manually configured and enters the SSH public key-string configuration command UE (User EXEC) Mode Command clear counters enable exit(EXEC) login ping show clock show gvrp configuration show...server settings. Displays the SNMP status. Displays configuration and statistics for a TACACS+ servers. SP (SSH Public Key) Mode Command key-string user-key Description Manually specifies a SSH public key. Enters the privileged EXEC mode. Displays GVRP error statistics. Sends ICMP echo request packets...
.... Displays information about the local user database. Specifies which SSH public key is manually configured and enters the SSH public key-string configuration command UE (User EXEC) Mode Command clear counters enable exit(EXEC) login ping show clock show gvrp configuration show...server settings. Displays the SNMP status. Displays configuration and statistics for a TACACS+ servers. SP (SSH Public Key) Mode Command key-string user-key Description Manually specifies a SSH public key. Enters the privileged EXEC mode. Displays GVRP error statistics. Sends ICMP echo request packets...
Command Line Interface Guide
Page 67
...TACACS server include the username "$enab15$". Console (config)# aaa authentication enable default enable login authentication The login authentication Line Configuration mode command specifies the login authentication method list for a remote telnet, SSH or console. Command Mode Global Configuration mode User Guidelines • ...The default and optional list names created with the aaa authentication enable command are used if it fails. This has the...
...TACACS server include the username "$enab15$". Console (config)# aaa authentication enable default enable login authentication The login authentication Line Configuration mode command specifies the login authentication method list for a remote telnet, SSH or console. Command Mode Global Configuration mode User Guidelines • ...The default and optional list names created with the aaa authentication enable command are used if it fails. This has the...
Command Line Interface Guide
Page 68
...-name-Uses the indicated list created with the authentication enable command. www.dell.com | support.dell.com Default Configuration Uses the default set with the command authentication enable. Example The following example specifies the default authentication method when accessing a higher privilege level from a remote telnet, SSH or console. To return to another value may disconnect...
...-name-Uses the indicated list created with the authentication enable command. www.dell.com | support.dell.com Default Configuration Uses the default set with the command authentication enable. Example The following example specifies the default authentication method when accessing a higher privilege level from a remote telnet, SSH or console. To return to another value may disconnect...
Command Line Interface Guide
Page 72
... the no password • password-Password for this command. www.dell.com | support.dell.com Console# show authentication methods Login Authentication Method Lists Console_Default: None Network_Default: Local Enable Authentication Method Lists Console_Default: Enable None Network_Default: Enable Line Console Telnet SSH Login Method List Default Default Default Enable Method List Default Default Default http https dot1x : Tacacs Local...
... the no password • password-Password for this command. www.dell.com | support.dell.com Console# show authentication methods Login Authentication Method Lists Console_Default: None Network_Default: Local Enable Authentication Method Lists Console_Default: Enable None Network_Default: Enable Line Console Telnet SSH Login Method List Default Default Default Enable Method List Default Default Default http https dot1x : Tacacs Local...
Command Line Interface Guide
Page 293
...-number no form of this command. Example The following example specifies the port to be configured from a SSH server. Console (config)# ip ssh port 8080 ip ssh server The ip ssh server Global Configuration mode command enables the device to be used by the SSH server (Range: 1 - 65535). To use the default port, use by the...
...-number no form of this command. Example The following example specifies the port to be configured from a SSH server. Console (config)# ip ssh port 8080 ip ssh server The ip ssh server Global Configuration mode command enables the device to be used by the SSH server (Range: 1 - 65535). To use the default port, use by the...
Command Line Interface Guide
Page 294
...)# crypto key generate dsa crypto key generate rsa The crypto key generate rsa Global Configuration mode command generates RSA key pairs. 294 SSH Commands Example The following example enables the device to execute. • DSA key size is 2048 bits. If the device already has DSA keys, a warning and... This command is not saved in pairs: one public DSA key and one private DSA key. www.dell.com | support.dell.com User Guidelines • If encryption keys are not generated, the SSH server is in the FLASH. however, the keys generated by this command are saved in standby until ...
...)# crypto key generate dsa crypto key generate rsa The crypto key generate rsa Global Configuration mode command generates RSA key pairs. 294 SSH Commands Example The following example enables the device to execute. • DSA key size is 2048 bits. If the device already has DSA keys, a warning and... This command is not saved in pairs: one public DSA key and one private DSA key. www.dell.com | support.dell.com User Guidelines • If encryption keys are not generated, the SSH server is in the FLASH. however, the keys generated by this command are saved in standby until ...
Command Line Interface Guide
Page 295
... has RSA keys, a warning and prompt to execute. Console (config)# crypto key generate rsa ip ssh pubkey-auth The ip ssh pubkey-auth Global Configuration mode command enables public key authentication for this function, use the no ip ssh pubkey-auth Default Configuration The function is not saved in pairs: one public RSA key...
... has RSA keys, a warning and prompt to execute. Console (config)# crypto key generate rsa ip ssh pubkey-auth The ip ssh pubkey-auth Global Configuration mode command enables public key authentication for this function, use the no ip ssh pubkey-auth Default Configuration The function is not saved in pairs: one public RSA key...
Command Line Interface Guide
Page 296
... Guidelines • Use this command. Example The following example enables public key authentication for incoming SSH sessions. Console(config)# crypto key pubkey-chain ssh Console(config-pubkey-chain)# user-key The user-key SSH Public Key Chain Configuration mode command specifies which can also be.... • rsa-RSA key. 296 SSH Commands Syntax user-key username {rsa | dsa} no keys. www.dell.com | support.dell.com Example The following example enters the SSH Public Key-chain configuration mode. Syntax crypto key pubkey-chain ssh Default Configuration By default, there are no...
... Guidelines • Use this command. Example The following example enables public key authentication for incoming SSH sessions. Console(config)# crypto key pubkey-chain ssh Console(config-pubkey-chain)# user-key The user-key SSH Public Key Chain Configuration mode command specifies which can also be.... • rsa-RSA key. 296 SSH Commands Syntax user-key username {rsa | dsa} no keys. www.dell.com | support.dell.com Example The following example enters the SSH Public Key-chain configuration mode. Syntax crypto key pubkey-chain ssh Default Configuration By default, there are no...
Command Line Interface Guide
Page 297
... mode User Guidelines • Follow this command with the key-string row command. Syntax key-string row key-string • row-Specify SSH public key row by row • key-string-UU-encoded DER format is the same format in authorized_keys file used by OpenSSH. Default ...-encoded DER format is useful for the SSH public key chain called "bob". Default Configuration By default, the keys do not exist. • dsa-DSA key. Example The following example enables a SSH public key to specify the SSH public key row by OpenSSH. SSH Commands 297 This command is the same format...
... mode User Guidelines • Follow this command with the key-string row command. Syntax key-string row key-string • row-Specify SSH public key row by row • key-string-UU-encoded DER format is the same format in authorized_keys file used by OpenSSH. Default ...-encoded DER format is useful for the SSH public key chain called "bob". Default Configuration By default, the keys do not exist. • dsa-DSA key. Example The following example enables a SSH public key to specify the SSH public key row by OpenSSH. SSH Commands 297 This command is the same format...
Command Line Interface Guide
Page 299
... Code ---------HMAC-SH1 The following example displays the SSH server configuration. Port: 22 RSA key was generated. SSH Public Key Authentication is enabled. Example The following table describes the significant fields shown in the display: Field Description IP address Client address SSH username User name Version SSH version number Cipher Encryption type (3DES, Blowfish, RC4...
... Code ---------HMAC-SH1 The following example displays the SSH server configuration. Port: 22 RSA key was generated. SSH Public Key Authentication is enabled. Example The following table describes the significant fields shown in the display: Field Description IP address Client address SSH username User name Version SSH version number Cipher Encryption type (3DES, Blowfish, RC4...
Release Notes
Page 7
...the serial connection to the device to Change Without Notice Page 3 PowerConnect 5324 Release Notes Security SSH Title Serial connection is lost after 4 concurrent SSH sessions Deleting SSH generated crypto key Description An attempt to open more than three concurrent SSH sessions. Workaround: Do not use VLAN 0 for "Authenticated Users... with a VLAN tag = 0 Description When 802.1x packets are transmitted with no relevancy to 802.1x status (enabled or disabled) Workaround: Use CLI for network configurations. Switch default VLAN is generated (RSA or DSA), a key cannot be removed.
...the serial connection to the device to Change Without Notice Page 3 PowerConnect 5324 Release Notes Security SSH Title Serial connection is lost after 4 concurrent SSH sessions Deleting SSH generated crypto key Description An attempt to open more than three concurrent SSH sessions. Workaround: Do not use VLAN 0 for "Authenticated Users... with a VLAN tag = 0 Description When 802.1x packets are transmitted with no relevancy to 802.1x status (enabled or disabled) Workaround: Use CLI for network configurations. Switch default VLAN is generated (RSA or DSA), a key cannot be removed.
Release Notes
Page 10
... autobaud option, press the Enter key twice. • If the autobaud option is enabled on the device, it automatically becomes operational after reset ONLY ONCE, after reset is...DNS Server - The modifications are not synchronized. PowerConnect 5324 Release Notes Documentation updates Introduction This document lists the changes from the PowerConnect 5324 User's Guide. General The following must be...the following commands once when configuring to use a terminal, a Telnet, or an SSH session in order to instances discovered in various user environments. The name cannot start communications...
... autobaud option, press the Enter key twice. • If the autobaud option is enabled on the device, it automatically becomes operational after reset ONLY ONCE, after reset is...DNS Server - The modifications are not synchronized. PowerConnect 5324 Release Notes Documentation updates Introduction This document lists the changes from the PowerConnect 5324 User's Guide. General The following must be...the following commands once when configuring to use a terminal, a Telnet, or an SSH session in order to instances discovered in various user environments. The name cannot start communications...
User's Guide
Page 27
...server maintains a user database, which is similar to configure the device. SSH version 1 is a protocol that is available on the Documentation CD, provides information about the... CLI commands used to an inbound telnet connection. SSH uses RSA Public Key cryptography for validation of users accessing the device. ... security for device connections and authentication. For more information, see "Defining TACACS+ Settings". SSH Secure Shell (SSH) is currently available. Introduction 27 RADIUS Client RADIUS is a client/server-based protocol. ...
...server maintains a user database, which is similar to configure the device. SSH version 1 is a protocol that is available on the Documentation CD, provides information about the... CLI commands used to an inbound telnet connection. SSH uses RSA Public Key cryptography for validation of users accessing the device. ... security for device connections and authentication. For more information, see "Defining TACACS+ Settings". SSH Secure Shell (SSH) is currently available. Introduction 27 RADIUS Client RADIUS is a client/server-based protocol. ...
User's Guide
Page 50
...The configured user name is allowed to manage the device through SSH, Telnet, or the Web interface, a user name must ...see the "CLI Reference Guide". To configure user name and privilege level, enter the command at support.dell.com. To gain complete administrative control over the device the highest priviledge (15) must be specified. NOTE... shown in the configuration example: console> enable console# configure console(config)# username admin password abc level 15 50 Starting and Configuring the Device www.dell.com | support.dell.com Verifying the IP and Default Gateway Addresses...
...The configured user name is allowed to manage the device through SSH, Telnet, or the Web interface, a user name must ...see the "CLI Reference Guide". To configure user name and privilege level, enter the command at support.dell.com. To gain complete administrative control over the device the highest priviledge (15) must be specified. NOTE... shown in the configuration example: console> enable console# configure console(config)# username admin password abc level 15 50 Starting and Configuring the Device www.dell.com | support.dell.com Verifying the IP and Default Gateway Addresses...
User's Guide
Page 56
www.dell.com | support.dell.com console# delete startup-config Startup file was deleted console... the Startup menu. The device is applicable for the following services: • Terminal • Telnet • SSH • HTTP • HTTPS NOTE: Passwords are user-defined. Configuring Security Passwords The security passwords can be .... This command will reset the whole system and disconnect your changes. Although user names can be set to enable access and configuration rights to always assign a password. If there is recommended to the device. Security Management ...
www.dell.com | support.dell.com console# delete startup-config Startup file was deleted console... the Startup menu. The device is applicable for the following services: • Terminal • Telnet • SSH • HTTP • HTTPS NOTE: Passwords are user-defined. Configuring Security Passwords The security passwords can be .... This command will reset the whole system and disconnect your changes. Although user names can be set to enable access and configuration rights to always assign a password. If there is recommended to the device. Security Management ...
User's Guide
Page 57
..., enter the following commands: console(config)# aaa authentication login default line console(config)# aaa authentication enable default line console(config)# line ssh console(config-line)# login authentication default console(config-line)# enable authentication default console(config-line)# password jones. Configuring an Initial Terminal Password To configure an initial terminal password, enter the following...
..., enter the following commands: console(config)# aaa authentication login default line console(config)# aaa authentication enable default line console(config)# line ssh console(config-line)# login authentication default console(config-line)# enable authentication default console(config-line)# password jones. Configuring an Initial Terminal Password To configure an initial terminal password, enter the following...