CHAPTER 5: USING THE COMMAND LINE I NTERFACE WITH SECURE SHELL AND T ELNET 69Chapter 5: Using the Command Line Interfacewith Secure Shell and TelnetSecure Shell (SSH) AccessUsing a Secure Shell (SSH) client, you can connect and get direct access to the remote target device’sconsole ports. A number of SSH clients are available and can be obtained from the following locations 1 :• Putty - http://www.chiark.greenend.org.uk/~sgtatham/putty/• SSH Client from ssh.com – www.ssh.com• Applet SSH Client – www.netspace.org/ssh• OpenSSH Client - www.openssh.orgOnce you have obtained and installed an SSH client on your machine, launch the SSH client application.You must enter the appropriate IP address, select SSH (which always uses port 22), and click on the [Open]button. The example below is done using PUTTY.Support for SSH is provided in the Dominion SX. By default, the SSHv2 Server is always running. Use anySSH client that supports SSHv2 to connect to it.Specific information about configuring particular SSH clients is beyond the scope of this document.1. Ensure that the terminal emulation on the host to be accessed is set to VT100.2. On most UNIX systems, the env command can provide the terminal type set on the host. For example,if the terminal type setting on a SUN Solaris server is set to SUN, then the SSH client should also beset to SUN.3. Also ensure that the character-set in use on the host matches the character-set for the SSH client. Forexample, if the character-set setting on a SUN Solaris server is set to ISO8859-1, then the SSH clientshould also be set to ISO8859-1.4. Ensure that the default Escape sequence set on the Dominion SSH server does not conflict with a keysequence required by either the SSH client or the host operating system. The Escape key sequence isuser-configurable.A Secure Shell (hereinafter, SSH) session can be initiated in two ways:1. Interactive session - During interactive session, the user provides the commands using menu.2. Using Command Line Arguments - Using command line mode, all the parameters of a command(including user-name and password) can be provided at the time of invocation of SSH client.Interactive SessionNote: CLI commands are the same for SSH and Telnet sessions.An SSH session is always started with “dominion” as the login name and IP Address of Dominion SXunit. No password entry is required for this first step. [Note: This login name is NOT created or /addedusing Dominion’s add user feature, it is a system-defined name for use with SSH/Telnet.]After an SSH user gets connected with the Dominion SX, then the user is prompted for the authorized username and password. This user name should have been already created using the Dominion’s add-userfeature from the HTTP-based configuration menu; it can be local or remote (using RADIUS, TACACS+, orLDAP). After the user name and password is authenticated, then the user is presented with a menu ofsupported commands in SSH. At this point the user is not connected to any ports.Operators and Observers are limited in the commands they can execute: help, console_cmd, list_ports, userconfig -> password quit.1 Raritan does its best to keep these links accurate. If you find inaccuracies with this information, pleasecontact Raritan.