Deleting Server Public Keys Saved In The Public Key File On The Stelnet Client - HPE FlexNetwork 10500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Security command reference (881 pages) ,
- Network management and monitoring command reference (423 pages) ,
- Configuration manual (407 pages)
Table of Contents
Advertisement
Task
Establish a
connection to an IPv6
Stelnet server.
Deleting server public keys saved in the public key file on the
Stelnet client
When the Stelnet client switches to FIPS mode but the locally saved server public key does not
comply with FIPS, the client cannot connect to the server. To connect to the server, delete the server
public key saved on the client and make sure a FIPS-compliant public key has been generated on
the server.
To delete server public keys saved in the public key file on the Stelnet client:
Command
•
In non-FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ -i interface-type
interface-number ] [ identity-key { dsa |
ecdsa-sha2-nistp256 | ecdsa-sha2-nistp384 |
rsa | { x509v3-ecdsa-sha2-nistp384 |
x509v3-ecdsa-sha2-nistp256 } pki-domain
domain-name } | prefer-compress zlib |
prefer-ctos-cipher { 3des-cbc | aes128-cbc |
aes128-ctr | aes128-gcm | aes192-ctr |
aes256-cbc | aes256-ctr | aes256-gcm |
des-cbc } | prefer-ctos-hmac { md5 | md5-96 |
sha1 | sha1-96 | sha2-256 | sha2-512 } |
prefer-kex { dh-group-exchange-sha1 |
dh-group1-sha1 | dh-group14-sha1 |
ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } |
prefer-stoc-cipher { 3des-cbc | aes128-cbc |
aes128-ctr | aes128-gcm | aes192-ctr |
aes256-cbc | aes256-ctr | aes256-gcm |
des-cbc } | prefer-stoc-hmac { md5 | md5-96 |
sha1 | sha1-96 | sha2-256 | sha2-512 } ] *
[ dscp dscp-value | escape character |
{ public-key keyname | server-pki-domain
domain-name } | source { interface
interface-type interface-number | ipv6
ipv6-address } ] *
•
In FIPS mode:
ssh2 ipv6 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ -i interface-type
interface-number ] [ identity-key
{ ecdsa-sha2-nistp256 | ecdsa-sha2-nistp384
| rsa | { x509v3-ecdsa-sha2-nistp384 |
x509v3-ecdsa-sha2-nistp256 } pki-domain
domain-name } | prefer-compress zlib |
prefer-ctos-cipher { aes128-cbc | aes128-ctr |
aes128-gcm | aes192-ctr | aes256-cbc |
aes256-ctr | aes256-gcm } | prefer-ctos-hmac
{ sha1 | sha1-96 | sha2-256 | sha2-512 } |
prefer-kex { dh-group14-sha1 |
ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } |
prefer-stoc-cipher { aes128-cbc | aes128-ctr |
aes128-gcm | aes192-ctr | aes256-cbc |
aes256-ctr | aes256-gcm } | prefer-stoc-hmac
{ sha1 | sha1-96 | sha2-256 | sha2-512 } ] *
[ escape character | { public-key keyname |
server-pki-domain domain-name } | source
{ interface interface-type interface-number |
ipv6 ipv6-address } ] *
412
Remarks
Available in user view.
Advertisement
Table of Contents
Troubleshooting
