
ssh server acl

Function

The ssh server acl command configures an ACL that the SSH server uses to control which SSH clients are allowed to access it.

The undo ssh server acl command removes the ACL configured for the SSH server.

By default, no ACL is configured for SSH servers.

Format

ssh [ ipv6 ] server acl acl-number

undo ssh [ ipv6 ] server acl

Parameters

Parameter     Description                 Value
acl-number    Specifies an ACL number.    The value is an integer that ranges from 2000 to 3999.

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

Configure the ACL for the following servers for access control:
  • STelnet server: controls which clients can log in to this server through STelnet.
  • SFTP server: controls which clients can log in to this server through SFTP.
  • SCP server: controls which clients can log in to this server through SCP.

Prerequisites

An ACL has been configured using the acl (system view) command in the system view, and an ACL rule has been configured using the rule (basic ACL view) or rule (advanced ACL view) command.

Precautions

A basic ACL can be configured to restrict source addresses. An advanced ACL can be configured to restrict source and destination addresses.

Example

# Configure ACL 2000 on an SSH server.

<HUAWEI> system-view
[HUAWEI] acl 2000
[HUAWEI-acl-basic-2000] rule permit source 10.10.10.10 0
[HUAWEI-acl-basic-2000] quit
[HUAWEI] ssh server acl 2000
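
The following Python check is an added example, not part of the original documentation or any Huawei tool. It reads a CLI session in the form shown above and reports, for the IPv4 command only, the conditions this page describes: no ACL bound, an acl-number outside 2000 to 3999, or a bound ACL with no rule. The function name audit_ssh_acl and the treatment of a permit rule without a specific source as a finding are assumptions.

```python
import re

PROMPT = re.compile(r"^\s*(?:<[^>]*>|\[[^\]]*\])\s*")  # <HUAWEI>, [HUAWEI-acl-basic-2000]
ACL_DEF = re.compile(r"^acl (\d+)$")
RULE = re.compile(r"^rule (?:\d+ )?(permit|deny)\b(.*)$")
BIND = re.compile(r"^ssh server acl (\S+)$")

# The session from the Example section, used as sample input.
PAGE_EXAMPLE = """\
<HUAWEI> system-view
[HUAWEI] acl 2000
[HUAWEI-acl-basic-2000] rule permit source 10.10.10.10 0
[HUAWEI-acl-basic-2000] quit
[HUAWEI] ssh server acl 2000
"""

def audit_ssh_acl(session):
    """Return findings for the IPv4 'ssh server acl' binding in a CLI session."""
    acls, bound, current = {}, None, None
    for raw in session.splitlines():
        line = PROMPT.sub("", raw).strip()      # drop the view prompt, keep the command
        if m := ACL_DEF.match(line):
            current = int(m.group(1))           # entering an ACL view
            acls.setdefault(current, [])
        elif (m := RULE.match(line)) and current is not None:
            acls[current].append((m.group(1), m.group(2).split()))
        elif m := BIND.match(line):
            bound = m.group(1)                  # the last binding in the session wins
        elif line == "quit":
            current = None                      # leaving the ACL view
    if bound is None:
        return ["no 'ssh server acl' configured (the default): clients are not filtered"]
    if not bound.isdigit() or not 2000 <= int(bound) <= 3999:
        return [f"acl-number {bound} is outside 2000-3999"]
    rules = acls.get(int(bound))
    if not rules:
        return [f"ACL {bound} is bound but has no rule (prerequisite not met)"]
    findings = []
    for action, words in rules:
        # Assumption: a permit rule with no 'source', or 'source any', matches every client.
        src = words[words.index("source") + 1] if "source" in words[:-1] else "any"
        if action == "permit" and src == "any":
            findings.append(f"ACL {bound} has a permit rule with no specific source")
    return findings

if __name__ == "__main__":
    print(audit_ssh_acl(PAGE_EXAMPLE) or "no findings")
```
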
Copyright © Huawei Technologies Co., Ltd.