352
If you specify algorithms, SSH2 uses only the specified algorithms for algorithm negotiation. The
client uses the specified algorithms to initiate the negotiation, and the server uses the matching
algorithms to negotiate with the client.
If multiple algorithms of the same type are specified, the algorithm specified earlier has a higher
priority during negotiation. The specified SSH2 algorithms do not affect SSH1 sessions.
Specifying key exchange algorithms for SSH2
1. Enter system view.
system-view
N/A
2.
algorithms for SSH2.
• In non-FIPS mode:
ssh
key-exchange
{ dh-group-exchange-sha1
| dh-group1-sha1 |
dh-group14-sha1 |
ecdh-sha2-nistp256 |
ecdh-sha2-nistp384 } *
• In FIPS mode:
ssh2 algorithm
key-exchange
{ dh-group14-sha1 |
ecdh-sha2-nistp256 |
ecdh-sha2-nistp384 } *
By default, SSH2
uses the key
exchange algorithms
ecdh-sha2-nistp256
,
ecdh-sha2-nistp384
,
dh-group-exchange-sha1
,
dh-group14-sha1
dh-group1-sha1
order of priori
negotiation.
Specifying public key algorithms for SSH2
1. Enter system view.
system-view
N/A
2. Specify
algorithms for SSH2.
• In non-FIPS mode:
ssh2 algorithm public-key
{ dsa | ecdsa | rsa |
x509v3-ecdsa-sha2-nistp384 |
x509v3-ecdsa-sha2-nistp256 }
*
• In FIPS mode:
ssh2 algorithm public-key
{ ecdsa | rsa |
x509v3-ecdsa-sha2-nistp384 |
x509v3-ecdsa-sha2-nistp256 }
*
By default, SSH2 uses the public
x509v3-ecdsa-sha2-nistp256
,
x509v3-ecdsa-sha2-nistp384
,
ecdsa
,
rsa
, and
dsa
in
descending order of priority for
algorithm negotiation.
Specifying encryption algorithms for SSH2
1. Enter system view.
N/A
2. Specify encryption
algorithms for SSH2.
• In non-FIPS mode:
ssh
{ 3des-cbc | aes128-cbc |
aes256-cbc | des-cbc |
aes128-ctr | aes192-ctr |
aes256-ctr | aes128-gcm |
By default, SSH2 uses the
encryption algorithms
aes128-ctr
,
aes192-ctr
,
aes256-ctr
,
aes128-gcm
,
aes256-gcm
,
aes128-cbc
,
3des-cbc
,
aes256-cbc
, and
des-cbc
in
To Next Page
Loading...
Need help?
General