Configuring a C Series Controller to Accept SSH Connections (SRC CLI)
You can enable SSH to let users who have the appropriate privileges connect to a C Series Controller. For security reasons, we recommend that you do not allow remote users to access the CLI as root.
Use the following configuration statements to enable SSH access from the  hierarchy level:
To configure the C Series Controller to accept SSH connections:
From configuration mode, access the [edit system services ssh] hierarchy level.
(Optional) Specify that SSH version 2 be used.[edit system services ssh]user@host> set protocol-version v2
SSH version 1 is not supported from SRC 4.12 release. When you upgrade to SRC 4.12 release, SSH version 2 is enabled by default even if you have configured SSH version 1 in the previous SRC release.
(Optional) Specify the listening port number for incoming SSH connections. The value range is 1–65,535. By default, the SRC software listens for incoming SSH connections on port 22.[edit system services ssh]user@host> set port port
It is recommended that you configure a value lower than 1024 because only root users can listen on port numbers lower than 1024. This prevents other users from listening on the port. If you configure a value higher than 1024, a warning message is displayed.
If you set the listening port number to a value other than the default, you must append the “–p” flag to the configured listening port number while logging in to the SRC system. For example, ssh firstname.lastname@example.org –p port.
(Optional) Specify whether or not to allow users to log in as root through SSH:[edit system services ssh]user@host> set root-login (allow | deny | deny-password)
allow—Allows users to log in to the C Series Controller as root through SSH
deny—Prevents users from logging in to the C Series Controller as root through SSH
deny-password—Allows users to log in to the C Series Controller as root through SSH when the authentication method (for example, RSA authentication) does not require a password. This is the default.