40
Enhancements
Release R.11.14 Enhancements
Displaying the SSH Information
The show ip ssh command has been enhanced to display information about ciphers, MACs, and key
types and sizes.
ProCurve(config)# show ip ssh
SSH Enabled : No Secure Copy Enabled : No
TCP Port Number : 22 Timeout (sec) : 120
IP Version : IPv4orIPv6
Host Key Type : RSA Host Key Size : 1024
Ciphers : aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,
rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
MACs : hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
Ses Type | Source IP Port
--- -------- + ---------------------------------------------- -----
1 console |
2 inactive |
3 inactive |
4 inactive |
5 inactive |
6 inactive |
Figure 3. Example of show ip ssh Command Showing Ciphers, MACs and Key Information
Logging Messages
There are new event log messages when a new key is generated and zeroized for the server:
ssh: New <num-bits> -bit [rsa | dsa] SSH host key installed
ssh: SSH host key zeroized
There are also new messages that indicates when a client public key is installed or removed:
ssh: <num-bits>-bit [rsa | dsa] client public key [installed | removed] ([manager| operator] access)
(key_comment)
Note: Only up to 39 characters of the key comment are included in the event log message.
Debug Logging
To add ssh messages to the debug log output, enter this command:
ProCurve# debug ssh LOGLEVEL
where LOGLEVEL is one of the following (in order of increasing verbosity):
•fatal
• error
To Next Page
Loading...
