HP 6125XLG Command Reference Manual page 204

Parameters
server: Specifies a server by its IPv6 address or host name, a case-insensitive string of 1 to 253
characters.
port-number: Specifies the port number of the server, in the range 1 to 65535. The default is 22.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance that the server belongs to, where
vpn-instance-name is a case-sensitive string of 1 to 31 characters.
-i interface-type interface-number: Specifies the outgoing interface used by the client to connect to the
server. The interface-type interface-number argument specifies the outgoing interface by its type and
number. This option is only used when the server uses a link-local address, and the specified outgoing
interface on the client must have a link-local address.
identity-key: Specifies the public key algorithm for the client, either dsa or rsa. The default is dsa. If the
server uses publickey authentication, this keyword must be specified.
• dsa: Specifies the public key algorithm dsa.
rsa: Specifies the public key algorithm rsa.
•
prefer-compress: Specifies the preferred compression algorithm between the server and the client. By
default, compression is not supported.
zlib: Specifies the compression algorithm zlib.
prefer-ctos-cipher: Specifies the preferred client-to-server encryption algorithm. The default is aes128.
Algorithms des, 3des, aes128, and aes256 are arranged in ascending order in the aspects of security
strength and calculation time.
3des: Specifies the encryption algorithm 3des-cbc.
•
• aes128: Specifies the encryption algorithm aes128-cbc.
aes256: Specifies the encryption algorithm aes256-cbc.
•
des: Specifies the encryption algorithm des-cbc.
•
prefer-ctos-hmac: Specifies the preferred client-to-server HMAC algorithm. The default is sha1.
Algorithm sha1 features stronger security but costs more time in calculation than md5.
md5: Specifies the HMAC algorithm hmac-md5.
•
md5-96: Specifies the HMAC algorithm hmac-md5-96.
•
sha1: Specifies the HMAC algorithm hmac-sha1.
•
• sha1-96: Specifies the HMAC algorithm hmac-sha1-96.
prefer-kex: Specifies the preferred key exchange algorithm. The default algorithm is dh-group-exchange
in non-FIPS mode and is dh-group14 in FIPS mode. Algorithm dh-group14 features stronger security but
costs more time in calculation than dh-group1
• dh-group-exchange: Specifies the key exchange algorithm diffie-hellman-group-exchange-sha1.
dh-group1: Specifies the key exchange algorithm diffie-hellman-group1-sha1.
•
dh-group14: Specifies the key exchange algorithm diffie-hellman-group14-sha1.
•
prefer-stoc-cipher: Specifies the preferred server-to-client encryption algorithm. The default is aes128.
prefer-stoc-hmac: Specifies the preferred server-to-client HMAC algorithm. The default is sha1.
publickey keyname: Specifies the server by its host public key, which is used to authenticate the server.
The keyname argument is a case-insensitive string of 1 to 64 characters.
195