Modify an SSHd configuration

Change one or more existing SwitchServices sshd configurations. If you select multiple configurations, you can modify all of the selected configurations at one time.

Access mode

enable

Syntax

switchServices sshd

Arguments

Field Name Description
adminState enumeration Optional: The administrative state of the SSH server.

The default setting is "disabled".

Valid values:
  • enabled : The SSH server is running.
  • disabled : The SSH server is not running.
maxSessions integer Optional: The maximum number of SSH sessions allowed.

Valid values are from 0 to 10; the default setting is "4".
serverKeyId text Optional: The SSH server's DSA key ID. It indicates an index field within the Certificate and Key Manager entity to a DSA key. This key ID must be present for the server to operate. The key ID is generated using the Sun Secure Application Switch CKM utility.
idleTimeout integer Optional: The maximum number of seconds a session can remain idle before it is terminated. Use 0 to disable timeout (allow the session to remain live regardless of the duration of inactivity).

Valid values are from 0 to 86400; the default setting is "600".
authenticationBanner text Optional: A text message sent to the SSH client during authentication. Enter between 0 and 255 alphanumeric characters.
confEncryption enumeration Optional: The encryption method(s) used.

The default setting is "des3Cbc;blowfishCbc;des".

Valid values:
  • none : No data protection.
  • des : The original Data Encryption Standard (DES) algorithm supported by SSHv1.
  • des3 : Triple DES algorithm.
  • blowfish : Blowfish algorithm.
  • des3Cbc : Triple DES algorithm, required by RFC1201, with cipher-block chaining.
  • blowfishCbc : Blowfish algorithm, with cipher-block chaining.
confHmac enumeration Optional: The Hash Message Authentication Code (HMAC) method. Enter the list of allowable HMAC algorithms. HMAC is a type of checksum to help verify data integrity.

The default setting is "md5;sha1;md5b96;sha1b96".

Valid values:
  • sha1 : full SHA1.
  • sha1b96 : 96 bit SHA1.
  • md5 : full MD5.
  • md5b96 : 96 bit MD5.
userAuthentication enumeration Optional: The user authentication method. Enter the list of accepted user authentication methods.

The default setting is "publicKey;password".

Valid values:
  • none : no authentication method used to verify user.
  • password : user/password authentication.
  • publicKey : user/host public key authentication.
hostAuthentication text Optional: The list of allowable and prohibited clients, by IP address. Enter a comma-separated list of client addresses. These are the addresses that you want to explicitly permit or deny. The following special characters are accepted:

!: the NOT character, to deny an address.
~: a wildcard that replaces multiple characters.
x: a wildcard that replaces a single character.

The default setting is "none".