Chapter 9: Security
Extreme Networks EAS 100-24t Switch CLI Manual
300
Example usage:
To disable the SSL status on the switch:
To disable ciphersuite RSA_EXPORT_with_RC4_40_MD5 only:
disable ssl
Purpose To disable the SSL function on the switch.
Syntax disable ssl {ciphersuite {RSA_with_RC4_128_MD5 |
RSA_with_3DES_EDE_CBC_SHA | DHE_DSS_with_3DES_EDE_CBC_SHA
| RSA_EXPORT_with_RC4_40_MD5}}
Description This command is used to disable SSL on the switch and can be used to
disable any one or combination of listed ciphersuites on the switch.
Parameters ciphersuite - A security string that determines the exact cryptographic
parameters, specific encryption algorithms and key sizes to be used for an
authentication session. The user may choose any combination of the
following:
RSA_with_RC4_128_MD5 – This ciphersuite combines the RSA key
exchange, stream cipher RC4 encryption with 128-bit keys and the MD5 Hash
Algorithm.
RSA_with_3DES_EDE_CBC_SHA - This ciphersuite combines the RSA key
exchange, CBC Block Cipher 3DES_EDE encryption and the SHA Hash
Algorithm.
DHE_DSS_with_3DES_EDE_CBC_SHA - This ciphersuite combines the DSA
Diffie Hellman key exchange, CBC Block Cipher 3DES_EDE encryption and
SHA Hash Algorithm.
RSA_EXPORT_with_RC4_40_MD5 - This ciphersuite combines the RSA
Export key exchange, stream cipher RC4 encryption with 40-bit keys.
Restrictions Only Administrator-level users can issue this command.
#disable ssl
Command: disable ssl
Success.
#
#disable ssl ciphersuite RSA_EXPORT_with_RC4_40_MD5
Command: disable ssl ciphersuite RSA_EXPORT_with_RC4_40_MD5
Success.
#
config ssl cachetimeout
Purpose Used to configure the SSL cache timeout.
Syntax config ssl cachetimeout <value 60-86400>
To Next Page
Loading...
