Secure Shell (SSH) Server¶
The Secure Shell (SSH) service,
sshd, is always enabled in the
namespace (Networking Namespaces) by default. The SSH service can also run
dataplane namespace, and may be active in both namespaces at the same
dataplane namespace instance of SSH is configured using the
dataplane (enable|disable) command.
Though the SSH service is capable of running in the
it should not be exposed to insecure networks. Brute force and other attacks
against SSH servers are common on the Internet, and exposing TNSR to such
attacks reduces its overall security. At a minimum, access to the service
should be restricted to specific remote hosts or networks by ACLs.
The best practice is to only run SSH in the
To enable the SSH service for the
tnsr(config)# ssh dataplane enable
To disable the SSH service for the
tnsr(config)# ssh dataplane disable
Control the SSH Service¶
The SSH service is controlled by the
service ssh (host|dataplane)
In most cases manual control of the service is unnecessary as the server will start and stop as needed based on the configuration.