SSH for IPv6

Beginning with software release K.14.01, SSH for IPv4 and IPv6 operate simultaneously with the same command set. Both are enabled in the default configuration, and are controlled together by the same command set. SSH for IPv6 provides the same Telnet-like functions through encrypted, authenticated transactions as SSH for IPv4. SSH for IPv6 provides CLI (console) access and secure file transfer functionality. The following types of transactions are supported:

  • Client public-key authenticationPublic keys from SSH clients are stored on the switch. Access to the switch is granted only to a client whose private key matches a stored public key.

  • Password-only client authenticationThe switch is SSH-enabled but is not configured with the login method that authenticates a client's public-key. Instead, after the switch authenticates itself to a client, users connected to the client authenticate themselves to the switch by providing a valid password that matches the operator- and/or manager-level password configured and stored locally on the switch or on a RADIUS or TACACS+ server.

  • Secure Copy (SCP) and Secure File Transfer Protocol (SFTP) client applicationsYou can use either one SCP session or one SFTP session at a given time to perform secure file transfers to and from the switch.

By default, SSH is automatically enabled for IPv4 and IPv6 connections on a switch. Use the ip ssh command options to reconfigure the default SSH settings used in SSH authentication for IPv4 and IPv6 connections:

  • TCP port number

  • timeout period

  • file transfer

  • MAC type

  • cipher type

  • listening port