Configuration Guide SSH Commands
AES-192-CBC, AES-256-CBC, Blow fish-CBC
Encryption mode: CTR (Counter)
Encryption algorithm: AES128-CTR, AES192-CTR, AES256-CTR
Encryption mode: Others
Encryption algorithm: RC4
All encryption modes are supported by default.
Global configuration mode
This command is used to set the SSH server encryption mode.
For Ruijie Networks, the SSHv1 server supports DES-CBC, 3DES-CBC, and Blowfish-CBC; the
SSHv2 server supports AES128-CTR, AES192-CTR, AES256-CTR, DES-CBC, 3DES-CBC,
AES-128-CBC, AES-192-CBC, AES-256-CBC, Blowfish-CBC, and RC4. All these algorithms can be
grouped into CBC, CTR and Other as shown above.
With the advancement of cryptography study, CBC and Others encryption modes are proved to easily
decipher. It is recommended to enable the CTR mode to raise assurance for organizations and
enterprises demanding high security.
The following example enables CTR encryption mode.
Ruijie# configure terminal
Ruijie(config)# ip ssh cipher-mode ctr
11.7 ip ssh hmac-algorithm
Use this command to set the algorithm for message authentication.
Use the no form of this command to restore the default setting.
ip ssh hmac-algorithm { md5 | md5-96 | sha1 | sha1-96 }
SSHv1: all the algorithms are not supported.
SSHv2: all the algorithms are supported.
Global configuration mode
To Next Page
Loading...
