419
In FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type interface-number ]
[ identity-key rsa | prefer-compress zlib | prefer-ctos-cipher { aes128 | aes256 } | prefer-ctos-hmac
{ sha1 | sha1-96 } | prefer-kex dh-group14 | prefer-stoc-cipher { aes128 | aes256 } | prefer-stoc-hmac
{ sha1 | sha1-96 } ] * [ publickey keyname | source { interface interface-type interface-number | ipv6
ipv6-address } ] *
Views
User view
Predefined user roles
network-admin
Parameters
server: Specifies a server by its IPv6 address or host name, a case-insensitive string of 1 to 253
characters.
port-number: Specifies the port number of the server, in the range 1 to 65535. The default is 22.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the server belongs, where
vpn-instance-name is a case-sensitive string of 1 to 31 characters.
-i interface-type interface-number: Specifies an output interface by its type and number for IPv6 SSH
packets. The specified output interface must have a link-local address. This option is used when the server
uses a link-local address to provide the SSH service for the client.
identity-key: Specifies a public key algorithm for the client, either dsa or rsa. The default is dsa. If the
server uses publickey authentication, this keyword must be specified.
• dsa: Specifies the public key algorithm dsa.
• rsa: Specifies the public key algorithm rsa.
prefer-compress: Specifies the preferred compression algorithm between the server and the client. By
default, compression is not supported.
zlib: Specifies the compression algorithm zlib.
prefer-ctos-cipher: Specifies the preferred client-to-server encryption algorithm. The default is aes128.
Algorithms des, 3des, aes128, and aes256 are arranged in ascending order in the aspects of security
strength and calculation time.
• 3des: Specifies the encryption algorithm 3des-cbc.
• aes128: Specifies the encryption algorithm aes128-cbc.
• aes256: Specifies the encryption algorithm aes256-cbc.
• des: Specifies the encryption algorithm des-cbc.
prefer-ctos-hmac: Specifies the preferred client-to-server HMAC algorithm. The default is sha1.
Algorithm sha1 features stronger security but costs more time in calculation than md5.
• md5: Specifies the HMAC algorithm hmac-md5.
•
md5-96: S
pecifies the HMAC algorithm hmac-md5-96.
• sha1: Specifies the HMAC algorithm hmac-sha1.
• sha1-96: Specifies the HMAC algorithm hmac-sha1-96.
To Next Page
Loading...
