Filter
Top Products
48-6
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 48 Configuring Device Access Settings on Firewall Devices
Configuring Secure Shell Access
Field Reference
Add and Edit SSH Host Dialog Boxes
Use the Add Host dialog box to add an SSH access rule.
Note The Edit Host dialog box is virtually identical to the Add Host dialog box, and is used to modify existing
SSH access rules. The following descriptions apply to both dialog boxes.
Navigation Path
You can access the Add and Edit Host dialog boxes from the Configuring Secure Shell Access,
page 48-5.
Table 48-5 Secure Shell Page
Element Description
SSH Version Specify the SSH version(s) accepted by the device: choose 1, 2, or 1
and 2. By default, SSH Version 1 and SSH Version 2 connections are
accepted.
Timeout Enter the number of minutes, 1 to 60, the Secure Shell session can
remain idle before the device closes it. The default value is 5 minutes.
Allowed Hosts table Use the Add Row, Edit Row, and Delete Row buttons below this table
to manage the hosts allowed to connect to the security device via SSH.
Add Row opens the Add Host dialog box, while Edit Row opens the
Edit Host dialog box. See Add and Edit SSH Host Dialog Boxes,
page 48-6 for information about these dialog boxes.
Enable Secure Copy Check this box to enable the secure copy (SCP) server on the security
appliance. This allows the appliance to function as an SCP server for
transferring files from/to the device. Only clients that are allowed to
access the security appliance using SSH can establish a secure copy
connection.
This implementation of the secure copy server has the following
limitations:
• The server can accept and terminate connections for secure copy,
but cannot initiate them.
• The server does not have directory support. The lack of directory
support limits remote client access to the security appliance
internal files.
• The server does not support banners.
• The server does not support wildcards.
• The security appliance license must have the VPN-3DES-AES
feature to support SSH version 2 connections.