Specifying Encryption Algorithms For Ssh2; Specifying Mac Algorithms For Ssh2; Displaying And Maintaining Ssh - HPE FlexNetwork 7500 Series Security Configuration Manual

Step

Specifying encryption algorithms for SSH2

Step
1. Enter system view.
2. Specify encryption
algorithms for SSH2.

Specifying MAC algorithms for SSH2

Step
1. Enter system view.
2. Specify MAC algorithms for
SSH2.

Displaying and maintaining SSH

Execute display commands in any view.
Command
Command
system-view
•
In non-FIPS mode:
ssh2 algorithm cipher
{ 3des-cbc | aes128-cbc |
aes128-ctr | aes128-gcm |
aes192-ctr | aes256-cbc |
aes256-ctr | aes256-gcm |
des-cbc } *
•
In FIPS mode:
ssh2 algorithm cipher
{ aes128-cbc | aes128-ctr |
aes128-gcm | aes192-ctr |
aes256-cbc | aes256-ctr |
aes256-gcm } *
Command
system-view
•
In non-FIPS mode:
ssh2 algorithm mac { md5 |
md5-96 | sha1 | sha1-96 |
sha2-256 | sha2-512 } *
•
In FIPS mode:
ssh2 algorithm mac { sha1
| sha1-96 | sha2-256 |
sha2-512 } *
330
Remarks
ecdsa-sha2-nistp384, and
rsa in descending order of
priority for algorithm
negotiation.
Remarks
N/A
•
In non-FIPS mode:
By default, SSH2 uses the
encryption algorithms
aes128-ctr, aes192-ctr,
aes256-ctr, aes128-gcm,
aes256-gcm, aes128-cbc,
3des-cbc, aes256-cbc, and
des-cbc in descending order
of priority for algorithm
negotiation.
•
In FIPS mode:
By default, SSH2 uses the
encryption algorithms
aes128-ctr, aes192-ctr,
aes256-ctr, aes128-gcm,
aes256-gcm, aes128-cbc,
and aes256-cbc in
descending order of priority
for algorithm negotiation.
Remarks
N/A
•
In non-FIPS mode:
By default, SSH2 uses the
MAC algorithms sha2-256,
sha2-512, sha1, md5,
sha1-96, and md5-96 in
descending order of priority
for algorithm negotiation.
•
In FIPS mode:
By default, SSH2 uses the
MAC algorithms sha2-256,
sha2-512, sha1, and
sha1-96 in descending order
of priority for algorithm
negotiation.