Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Monitoring the Current Status of the SSH Server

    Purpose

    Display the current state of the SSH server. You can also use the detail keyword to display the encryption and MAC algorithm lists for the client and server. For each active session, detail shows the version of SSH running on the client and the algorithms in use for encryption and message authentication.

    Action

    To display the current state of the SSH server:

    host1#show ip ssh detail
    SSH Server version: SSH-2.0-2.0.12
    SSH Server status: enabled, up since THU JUL 24 2008 16:01:17 UTC
    supported encryption, inbound: 3des-cbc,blowfish-cbc,twofish-cbc
    supported encryption, outbound: 3des-cbc,blowfish-cbc,twofish-cbc
    supported MAC, inbound: hmac-sha1,hmac-sha1-96,hmac-md5
    supported MAC, outbound: hmac-sha1,hmac-sha1-96,hmac-md5
    user authentication: enabled
    user authentication protocol: TACACS+
    
    retry limit: 20
    sleep period: 600
    timeout: 600
    connections since last system reset: 4 out of 4 attempts
    connections since daemon startup:    4 out of 4 attempts
    active sessions: 1

    id

    username

    host

    uptime (d:h:m:s)

    client version

    ciphers inbound/outbound

    MAC inbound/outbound

    3

    mcarr

    10.0.0.145

    0:00:00:19

    SSH-2.0-2.0.12 F-SECURE SSH

    3des-cbc/3des-cbc

    hmac-md5/hmac-md5

    Note: To view failed connection attempts and other protocol errors logged at the error severity level, use the show log data command.

    Meaning

    Table 1 lists the show ip ssh detail command output fields.

    Table 1: show ip ssh detail Output Fields

    Field Name

    Field Description

    daemon status

    Indicates whether the SSH server is enabled; if so, how long it has been up

    supported encryption, inbound

    Encryption algorithms supported inbound from the client

    supported encryption, outbound

    Encryption algorithms supported outbound to the client

    supported MAC, inbound

    Message authentication code algorithms supported inbound from the client

    supported MAC outbound

    Message authentication code algorithms supported outbound to the client

    connections since last system reset

    Number of connections made through SSH since the last time the system was reset

    connections since daemon startup

    Number of connections made since the SSH server was enabled

    active sessions

    Number of SSH sessions currently active:

    • id—Session ID number
    • username—Username for the remote user that initiated the session
    • host—IP address of the remote client
    • uptime (d:h:m:s)—Duration of the session
    • client version—Version of the SSH software run by the remote client
    • ciphers inbound/outbound—Encryption algorithms used by the client and the system for this session
    • MAC inbound/outbound—Message authentication code algorithms used by the client and the system for this session

    Published: 2014-08-12