■ ciphers inbound/outbound—Encryption algorithms used by the client
and the system for this session
■ MAC inbound/outbound—Message authentication code algorithms used
by the client and the system for this session
■ Example
host1#show ip ssh detail
SSH Server version: SSH-2.0-2.0.12
SSH Server status: enabled, up since THU JUL 24 2008 16:01:17 UTC
supported encryption, inbound: 3des-cbc,blowfish-cbc,twofish-cbc
supported encryption, outbound: 3des-cbc,blowfish-cbc,twofish-cbc
supported MAC, inbound: hmac-sha1,hmac-sha1-96,hmac-md5
supported MAC, outbound: hmac-sha1,hmac-sha1-96,hmac-md5
user authentication: enabled
user authentication protocol: TACACS+
retry limit: 20
sleep period: 600
timeout: 600
connections since last system reset: 4 out of 4 attempts
connections since daemon startup: 4 out of 4 attempts
active sessions: 1
MAC
inbound/outbound
ciphers
inbound/outboundclient version
uptime
(d:h:m:s)hostusernameid
hmac-md5/hmac-md53des-cbc/3des-cbcSSH-2.0-2.0.12
F-SECURE SSH
0:00:00:1910.0.0.145mcarr3
■ To view failed connection attempts and other protocol errors logged at the error
severity level, use the show log data command:
host1#show log data category ssh severity error
■ See show ip ssh.
Terminating an SSH Session
You can use the session identifier to terminate an SSH session.
disconnect ssh
Secure System Administration with SSH ■ 445
Chapter 7: Passwords and Security
To Next Page
Loading...