• by

SSH provides a secure channel over an unsecured network, we can use telnet for remote access device but to be a more secure channel and protective with your login credentials, we want to use Secure Shell (SSH). The difference between SSH and Telnet are Telnet create a session with an unencrypted channel but SSH is a totally encrypted data between you and your device over a secure session.

We use SSH for remotely accessing a device. For accessing the device first you have to configure IP address at management interface and that IP address must be reachable from your network. After reaching the IP address you are able to SSH to your desired device.

For example, if you configure your JUNOS

device with a management interface address of, and your accessible device IP address is within your network. Its better check with ping first to make sure the reachability:

user@geek> ping
PING ( 56 data bytes
64 bytes from icmp_seq=0 ttl=64 time=1.979 ms 
64 bytes from icmp_seq=1 ttl=64 time=2.329 ms 
64 bytes from icmp_seq=2 ttl=64 time=2.598 ms 
^C --- ping statistics --- 3 packets transmitted, 
3 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.979/2.302/2.598/0.253 ms

Accessing the device you should enable the SSH service. Now, you’re trying to access the device using SSH, so you must tell the device to allow SSH connections. To configure the SSH service on the device, do the following:

user@geek# set system services SSH 
user@geek# show system 
      { services 
         { SSH; 

After you enable SSH on the device, you can use root login using SSH. Now you can access the JUNOS device via an encrypted session. Because this session is encrypted now, and you can now log in to the JUNOS device remotely using the root login:

ssh root@ 
root@'s password: 
--- JUNOS 11.2R5.4 built 2012-01-12 02:29:01 UTC 


Then you just enter the password what you have already configured when you create a password for root-authentication. When you log into the device as root, you log in directly to the FreeBSD shell. To start the CLI, issue the cli command at the prompt. You can use permission for specific IP address, who can access the device only with SSH.