SSH (Secure Shell) Server and Client

Document revision v 1.1 (25-Apr-2003)
This document applies to the MikroTik RouterOS V2.7

Contents of the Manual

Contents of the Manual
Summary
Specifications
Related Documents
SSH Server
SSH Client
- Example
Additional Resources
- Links for Windows Client:
- Other links:

SSH Client authenticates server and encrypts traffic between the client and server. You can use SSH just the same way as telnet - you run the client, tell it where you want to connect to, give your username and password, and everything is the same after that. After that you won't be able to tell that you're using SSH. The SSH feature can be used with various SSH Telnet clients to securely connect to and administrate the router.

The MikroTik RouterOS supports:

SSH 1.3, 1.5, and 2.0 protocol standards
server functions for secure administration of the router
telnet session termination with 40 bit RSA SSH encryption is supported
secure ftp is not supported
Winbox connection encryption (TSL)

The MikroTik RouterOS has been tested with the following SSH telnet terminals:

PuTTY
Secure CRT
Most SSH compatible telnet clients

Specifications

Packages required : security
License required : Any
Home menu level : /system ssh
Protocols utilized : SSH
Hardware usage : not significant

SSH Server

Submenu level : /ip service

Description

SSH Server is already up and running after Mikro Tik router installation. The default port of the service is 22. You can set a different port number.

Property Description

name (name) - service name
port (1...65535) - port the service listens on
address (IP address/mask; default: 0.0.0.0/0) - IP address from which the service is accessible

Example

[admin@MikroTik] ip service>set ssh port=51
[admin@MikroTik] ip service> print
Flags: X - disabled, I - invalid
  #   NAME                                                            PORT  ADDRESS
  0   telnet                                                          23    0.0.0.0/0
  1   ftp                                                             21    0.0.0.0/0
  2   www                                                             80    0.0.0.0/0
  3   ssh                                                             51    0.0.0.0/0
[admin@MikroTik] ip service>

SSH Client

Command name:/system ssh

Example

[admin@MikroTik] /system ssh 10.0.0.211 user=admin port=22
admin@10.0.0.211's password:


  MMM      MMM       KKK                          TTTTTTTTTTT      KKK
  MMMM    MMMM       KKK                          TTTTTTTTTTT      KKK
  MMM MMMM MMM  III  KKK  KKK  RRRRRR     OOOOOO      TTT     III  KKK  KKK
  MMM  MM  MMM  III  KKKKK     RRR  RRR  OOO  OOO     TTT     III  KKKKK
  MMM      MMM  III  KKK KKK   RRRRRR    OOO  OOO     TTT     III  KKK KKK
  MMM      MMM  III  KKK  KKK  RRR  RRR   OOOOOO      TTT     III  KKK  KKK

  MikroTik RouterOS v2.7 (c) 1999-2002       http://www.mikrotik.com/


Terminal vt100 detected, using single line input mode
[admin@10.0.0.211] >

Additional Resources

Links for Windows Client:

http://www.zip.com.au/~roca/ttssh.html
http://www.chiark.greenend.org.uk/~sgtatham/putty.html
http://pgpdist.mit.edu/FiSSH/index.html
http://telneat.lipetsk.ru/
http://support.jgaa.com/?cmd=ShowArticle&ID=11
http://akson.sgh.waw.pl/~chopin/ssh/index_en.html
http://cs.mscd.edu/MSSH/index.html
http://www.networksimplicity.com/openssh/