182
In FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type
interface-number ] [ identity-key rsa | prefer-compress zlib | prefer-ctos-cipher { aes128 |
aes256 } | prefer-ctos-hmac { sha1 | sha1-96 } | prefer-kex dh-group14 | prefer-stoc-cipher
{ aes128 | aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] * [ escape character | publickey
keyname | source { interface interface-type interface-number | ipv6 ipv6-address } ] *
New syntax
In non-FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type
interface-number ] [ identity-key { dsa | ecdsa | rsa | { x509v3-ecdsa-sha2-nistp384 |
x509v3-ecdsa-sha2-nistp256 } pki-domain domain-name } | prefer-compress zlib |
prefer-ctos-cipher { 3des-cbc | aes128-cbc | aes256-cbc | des-cbc | aes128-ctr | aes192-ctr |
aes256-ctr | aes128-gcm | aes256-gcm } | prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 |
sha2-256 | sha2-512 } | prefer-kex { dh-group-exchange-sha1 | dh-group1-sha1 |
dh-group14-sha1 | ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } | prefer-stoc-cipher { 3des-cbc |
aes128-cbc | aes256-cbc | des-cbc | aes128-ctr | aes192-ctr | aes256-ctr | aes128-gcm |
aes256-gcm } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 | sha2-256 | sha2-512 } ] *
[ dscp dscp-value | escape character | { public-key keyname | server-pki-domain domain-name }
| source { interface interface-type interface-number | ipv6 ipv6-address } ] *
In FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type
interface-number ] [ identity-key { ecdsa | rsa | { x509v3-ecdsa-sha2-nistp384 |
x509v3-ecdsa-sha2-nistp256 } pki-domain domain-name } | prefer-compress zlib |
prefer-ctos-cipher { aes128-cbc | aes256-cbc | aes128-ctr | aes192-ctr | aes256-ctr |
aes128-gcm | aes256-gcm } | prefer-ctos-hmac { sha1 | sha1-96 | sha2-256 | sha2-512 } |
prefer-kex { dh-group14-sha1 | ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } | prefer-stoc-cipher
{ aes128-cbc | aes256-cbc | aes128-ctr | aes192-ctr | aes256-ctr | aes128-gcm | aes256-gcm } |
prefer-stoc-hmac { sha1 | sha1-96 | sha2-256 | sha2-512 } ] * [ escape character | { public-key
keyname | server-pki-domain domain-name } | source { interface interface-type interface-number
| ipv6 ipv6-address } ] *
Views
User view
Change description
The following keywords were added:
Keywords for specifying PKI domains used in certificate verification:
pki-domain domain-name: Specifies the PKI domain of the client's certificate. When the
public key algorithm is x509v3 (x509v3-ecdsa-sha2-nistp256 or
x509v3-ecdsa-sha2-nistp384), you must specify this option for the client to get the correct
local certificate.
To Next Page
Loading...
