New command: ssh2 algorithm key-exchange
Use ssh2 algorithm key-exchange to specify key exchange algorithms for SSH2.
Use undo ssh2 algorithm key-exchange to restore the default.
Syntax
In non-FIPS mode:
ssh2 algorithm key-exchange { dh-group-exchange-sha1 | dh-group1-sha1 | dh-group14-sha1 | ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } *
undo ssh2 algorithm key-exchange
In FIPS mode:
ssh2 algorithm key-exchange { dh-group14-sha1 | ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } *
undo ssh2 algorithm key-exchange
Default
SSH2 uses the key exchange algorithms ecdh-sha2-nistp256, ecdh-sha2-nistp384,
dh-group-exchange-sha1, dh-group14-sha1, and dh-group1-sha1 in descending order of priority
for algorithm negotiation.
Views
System view
Predefined user roles
network-admin
Parameters
dh-group-exchange-sha1: Specifies the key exchange algorithm
diffie-hellman-group-exchange-sha1.
dh-group1-sha1: Specifies the key exchange algorithm diffie-hellman-group1-sha1.
dh-group14-sha1: Specifies the key exchange algorithm diffie-hellman-group14-sha1.
ecdh-sha2-nistp256: Specifies the key exchange algorithm ecdh-sha2-nistp256.
ecdh-sha2-nistp384: Specifies the key exchange algorithm ecdh-sha2-nistp384.
Usage guidelines
If you specify the key exchange algorithms, SSH2 uses only the specified algorithms for algorithm
negotiation. The algorithm specified earlier has a higher priority during negotiation.
Examples
# Specify the algorithm dh-group1-sha1 as the key exchange algorithm for SSH2.
<Sysname> system-view
[Sysname] ssh2 algorithm key-exchange dh-group1-sha1
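The following Python sketch is an added example, not part of the original command reference or the vendor's software. It computes the ordered key exchange list a device offers from its configuration lines, rejects keywords that the FIPS-mode syntax does not accept, and shows how the configured order decides the negotiated algorithm. Assumptions: the function names, the rule that a later command replaces an earlier one, the FIPS-mode default being the FIPS-permitted part of the documented default, and a simplified form of the RFC 4253 selection rule.

```python
import re

# CLI keyword -> SSH wire name, from the Parameters section of this page.
WIRE_NAME = {
    "dh-group-exchange-sha1": "diffie-hellman-group-exchange-sha1",
    "dh-group1-sha1": "diffie-hellman-group1-sha1",
    "dh-group14-sha1": "diffie-hellman-group14-sha1",
    "ecdh-sha2-nistp256": "ecdh-sha2-nistp256",
    "ecdh-sha2-nistp384": "ecdh-sha2-nistp384",
}
# Default priority order, from the Default section.
DEFAULT = ["ecdh-sha2-nistp256", "ecdh-sha2-nistp384",
           "dh-group-exchange-sha1", "dh-group14-sha1", "dh-group1-sha1"]
# Keywords accepted by the FIPS-mode syntax.
FIPS_ALLOWED = {"dh-group14-sha1", "ecdh-sha2-nistp256", "ecdh-sha2-nistp384"}

CMD = re.compile(r"^(undo\s+)?ssh2 algorithm key-exchange\b(.*)$")


def effective_kex(config_lines, fips=False):
    """Return the ordered wire-name list offered for these config lines."""
    allowed = FIPS_ALLOWED if fips else set(WIRE_NAME)
    # Assumption: with no explicit list, FIPS mode offers the
    # FIPS-permitted part of the documented default.
    default = [k for k in DEFAULT if k in allowed]
    current = list(default)
    for raw in config_lines:
        # Drop a "[Sysname] " style prompt copied from a session.
        m = CMD.match(re.sub(r"^\s*\[[^\]]*\]\s*", "", raw).strip())
        if not m:
            continue
        if m.group(1):              # undo form restores the default
            current = list(default)
            continue
        keywords = m.group(2).split()
        if not keywords:
            raise ValueError("at least one algorithm is required")
        bad = [k for k in keywords if k not in allowed]
        if bad:
            raise ValueError(f"not accepted in this mode: {bad}")
        current = keywords          # assumption: a later command replaces the list
    return [WIRE_NAME[k] for k in current]


def negotiate(client_offer, server_offer):
    """RFC 4253 rule, simplified: first client algorithm the server also lists."""
    return next((a for a in client_offer if a in server_offer), None)
```
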