Using SSH or Telnet to Access the CLI

You can access the CLI with a Secure Shell (SSH) client on port 22. Telnet is not available on the Email Security Appliance (ESA) unless you specifically enable it. SSH and Telnet are permitted on any active ESA interface, but you may have to enable these protocols when creating an interface. If an interface was set up during the System Setup Wizard (SSW), SSH is enabled. If not, navigate to the IP Interfaces page on the Network tab of the WUI. Figure 5-1 shows the check boxes for SSH and Telnet in the WUI. You can also use the interfaceconfig command to enable these protocols.

Figure 5-1. Enabling SSH

Although using Telnet is convenient, a Telnet session is not secure in any way and login credentials are passed in the clear. For this reason, Telnet is never enabled by default on ESAs, and SSH is preferred in all cases. SSH provides the same look and feel as a Telnet session, but all login credentials and data for the session are encrypted. This chapter focuses on using SSH to get to the CLI on the ESA.