IPI-SSH

OcNOS-SP : NetConf Command Reference : NetConf Reference : IPI-SSH

IPI-SSH

Configure enable

Use this attribute to enable ssh debugging configurations

Attribute Name: enable

Attribute Type: empty

Netconf edit-config payload

<ssh-server xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<debug>

</enable>

</config>

</debug>

</ssh-server>

Command Syntax

debug ssh server

Configure vrf name

Use this attribute to enable the SSH server.

Attribute Name: enable

Attribute Type: boolean

Netconf edit-config payload

<ssh-server xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrfs>

<vrf>

<vrf-name>management</vrf-name>

<vrf-name>management</vrf-name>

</config>

</vrf>

</vrfs>

</ssh-server>

Command Syntax

feature ssh (vrf management|)

Configure port

VRF Name associated with this instance

Attribute Name: vrf-name

Attribute Type: string

Attribute Name: port

Attribute Type: uint32

Attribute Range: 1024-65535

Netconf edit-config payload

<ssh-server xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrfs>

<vrf>

<vrf-name>management</vrf-name>

<vrf-name>management</vrf-name>

</config>

</vrf>

</vrfs>

</ssh-server>

Command Syntax

ssh server port <1024-65535> (vrf management|)

Configure max login attempts

VRF Name associated with this instance

Attribute Name: vrf-name

Attribute Type: string

Attribute Name: max-login-attempts

Attribute Type: uint8

Default Value: 3

Attribute Range: 1-3

Netconf edit-config payload

<ssh-server xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrfs>

<vrf>

<vrf-name>management</vrf-name>

<vrf-name>management</vrf-name>

<max-login-attempts>1</max-login-attempts>

</config>

</vrf>

</vrfs>

</ssh-server>

Command Syntax

ssh login-attempts <1-3> (vrf management|)

Configure session limit

VRF Name associated with this instance

Attribute Name: vrf-name

Attribute Type: string

Attribute Name: session-limit

Attribute Type: uint8

Attribute Range: 1-40

Netconf edit-config payload

<ssh-server xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrfs>

<vrf>

<vrf-name>management</vrf-name>

<vrf-name>management</vrf-name>

<session-limit>1</session-limit>

</config>

</vrf>

</vrfs>

</ssh-server>

Command Syntax

ssh server session-limit <1-40> (vrf management|)

Configure triple des cbc

Use this attribute to set the 3DES-CBC Cipher

This command is supported when following feature are enabled ssh server feature

Attribute Name: triple-des-cbc

Attribute Type: empty

Attribute Name: aes128-ctr

Attribute Type: empty

Attribute Name: aes192-ctr

Attribute Type: empty

Attribute Name: aes256-ctr

Attribute Type: empty

Attribute Name: aes128-cbc

Attribute Type: empty

Attribute Name: aes192-cbc

Attribute Type: empty

Attribute Name: aes256-cbc

Attribute Type: empty

Netconf edit-config payload

<ssh-server xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrfs>

<vrf>

<vrf-name>management</vrf-name>

<vrf-name>management</vrf-name>

</config>

<encryption-algorithms>

</aes128-ctr>

</aes192-ctr>

</aes256-ctr>

</aes128-cbc>

</aes192-cbc>

</aes256-cbc>

</triple-des-cbc>

</config>

</encryption-algorithms>

</vrf>

</vrfs>

</ssh-server>

Command Syntax

ssh server algorithm encryption { aes128-ctr| aes192-ctr| aes256-ctr| aes128-cbc| aes192-cbc| aes256-cbc| 3des-cbc } (vrf management|)

Configure public key

Use this attribute to set the ssh public-key

Attribute Name: public-key

Attribute Type: string

Netconf edit-config payload

<user-management xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-user-management">

<users>

<user>

<username>USERNAME</username>

<username>USERNAME</username>

</config>

<ssh-keys xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<public-key>LINE</public-key>

</config>

</ssh-keys>

</user>

</users>

</user-management>

Command Syntax

username USERNAME sshkey LINE

debug ssh server

Netconf RPC payload

<ssh-terminal-debug-on xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh"/>

Command Syntax

debug ssh server

no debug ssh server

Netconf RPC payload

<ssh-terminal-debug-off xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh"/>

Command Syntax

no debug ssh server

clear ssh hosts

Netconf RPC payload

<ssh-clear-hosts xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh"/>

Command Syntax

clear ssh hosts

ssh keygen host dsa (vrf management|) (force|)

Attribute Name: vrf-name

Attribute Type: string

Default Value: default

Attribute Name: force

Attribute Type: boolean

Default Value: false

Netconf RPC payload

<ssh-generate-server-dsa-key xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrf-name>management</vrf-name>

</ssh-generate-server-dsa-key>

Command Syntax

ssh keygen host dsa (vrf management|) (force|)

ssh keygen host rsa (length <1024-4096>|) (vrf management|) (force|)

Attribute Name: length

Attribute Type: uint32

Default Value: 2048

Attribute Range: 1024-4096

Attribute Name: vrf-name

Attribute Type: string

Default Value: default

Attribute Name: force

Attribute Type: boolean

Default Value: false

Netconf RPC payload

<ssh-generate-server-rsa-key xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrf-name>management</vrf-name>

</ssh-generate-server-rsa-key>

Command Syntax

ssh keygen host rsa (length <1024-4096>|) (vrf management|) (force|)

ssh keygen host ecdsa (length (256|384|521)|) (vrf management|) (force|)

Attribute Name: length

Attribute Type: enum (256|384|521)

Default Value: 521

Attribute Name: vrf-name

Attribute Type: string

Default Value: default

Attribute Name: force

Attribute Type: boolean

Default Value: false

Netconf RPC payload

<ssh-generate-server-ecdsa-key xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrf-name>management</vrf-name>

</ssh-generate-server-ecdsa-key>

Command Syntax

ssh keygen host ecdsa (length (256|384|521)|) (vrf management|) (force|)

ssh keygen host ed25519 (vrf management|) (force|)

Attribute Name: vrf-name

Attribute Type: string

Default Value: default

Attribute Name: force

Attribute Type: boolean

Default Value: false

Netconf RPC payload

<ssh-generate-server-ed25519-key xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrf-name>management</vrf-name>

</ssh-generate-server-ed25519-key>

Command Syntax

ssh keygen host ed25519 (vrf management|) (force|)

clear ssh host-key ((dsa|rsa|ecdsa|ed25519)|) (vrf management|)

Attribute Name: type

Attribute Type: enum (all-keys|dsa|rsa|ecdsa|ed25519)

Default Value: all-keys

Attribute Name: vrf-name

Attribute Type: string

Default Value: default

Netconf RPC payload

<ssh-clear-server-keys xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<vrf-name>management</vrf-name>

</ssh-clear-server-keys>

Command Syntax

clear ssh host-key ((dsa|rsa|ecdsa|ed25519)|) (vrf management|)

username USERNAME keypair rsa (length <1024-4096>|) (force|)

Attribute Name: user-name

Attribute Type: string

Attribute Name: length

Attribute Type: uint32

Default Value: 4096

Attribute Range: 1024-4096

Attribute Name: force

Attribute Type: boolean

Default Value: false

Netconf RPC payload

<ssh-generate-user-rsa-key xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<user-name>USERNAME</user-name>

</ssh-generate-user-rsa-key>

Command Syntax

username USERNAME keypair rsa (length <1024-4096>|) (force|)

username USERNAME keypair dsa (force|)

Attribute Name: user-name

Attribute Type: string

Attribute Name: force

Attribute Type: boolean

Default Value: false

Netconf RPC payload

<ssh-generate-user-dsa-key xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<user-name>USERNAME</user-name>

</ssh-generate-user-dsa-key>

Command Syntax

username USERNAME keypair dsa (force|)

clear ssh keypair user USERNAME

Attribute Name: user-name

Attribute Type: string

Netconf RPC payload

<ssh-clear-user-keys xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ssh">

<user-name>USERNAME</user-name>

</ssh-clear-user-keys>

Command Syntax

clear ssh keypair user USERNAME

Last modified date: 08/22/2023