Ssh2 Ipv6 - HPE FlexNetwork HSR6800 Security Command Reference
Hide thumbs
Also See for FlexNetwork HSR6800:
- Configuration manual (503 pages) ,
- Command reference manual (153 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
•
dh-group-exchange: Specifies the key exchange algorithm
diffie-hellman-group-exchange-sha1. This keyword is not available in FIPS mode.
•
dh-group1: Specifies the key exchange algorithm diffie-hellman-group1-sha1. This keyword is
not available in FIPS mode.
•
dh-group14: Specifies the key exchange algorithm diffie-hellman-group14-sha1.
prefer-stoc-cipher: Specifies the preferred server-to-client encryption algorithm. The default is
aes128.
prefer-stoc-hmac: Specifies the preferred server-to-client HMAC algorithm. The default is sha1-96.
Usage guidelines
When the client's authentication method is publickey, the client must get the local private key for
digital signature. In non-FIPS mode, because the publickey authentication uses either RSA or DSA
algorithm, you must specify the public key algorithm of the client (by using the identity-key keyword)
to get the correct local private key.
In non-FIPS mode, the default algorithms are as follows:
•
The algorithm for publickey authentication is dsa.
•
The preferred client-to-server encryption algorithm is aes128.
•
The preferred client-to-server HMAC algorithm is sha1-96.
•
The preferred key exchange algorithm is dh-group-exchange.
•
The preferred server-to-client encryption algorithm is aes128.
•
The preferred server-to-client HMAC algorithm is sha1-96.
In FIPS mode, the default algorithms are as follows:
•
The algorithm for publickey authentication is rsa.
•
The preferred client-to-server encryption algorithm is aes128.
•
The preferred client-to-server HMAC algorithm is sha1-96.
•
The preferred key exchange algorithm is dh-group14.
•
The preferred server-to-client encryption algorithm is aes128.
•
The preferred server-to-client HMAC algorithm is sha1-96.
Examples
# Log in to Stelnet server 10.214.50.51, using the following connection scheme:
•
The preferred key exchange algorithm is dh-group1.
•
The preferred server-to-client encryption algorithm is aes128.
•
The preferred client-to-server HMAC algorithm is md5.
•
The preferred server-to-client HMAC algorithm is sha1-96.
<Sysname> ssh2 10.214.50.51 prefer-kex dh-group1 prefer-stoc-cipher aes128
prefer-ctos-hmac md5 prefer-stoc-hmac sha1-96
ssh2 ipv6
Use ssh2 ipv6 to establish a connection to an IPv6 Stelnet server.
Syntax
In non-FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ identity-key { dsa | rsa } |
prefer-compress { zlib | zlib-openssh } | prefer-ctos-cipher { 3des | aes128 | des } |
prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } | prefer-kex { dh-group-exchange |
359
Advertisement
Table of Contents
