Table of Contents
Advertisement
prefer-ctos-cipher: Specifies the preferred client-to-server encryption algorithm. The default is
aes128-ctr. Supported algorithms are des-cbc, 3des-cbc, aes128-cbc, aes128-ctr, aes128-gcm,
aes192-ctr, aes256-cbc, aes256-ctr, and aes256-gcm, in ascending order of security strength and
computation time.
•
3des-cbc: Specifies the encryption algorithm 3des-cbc.
•
aes128-cbc: Specifies the encryption algorithm aes128-cbc.
•
aes128-ctr: Specifies the encryption algorithm aes128-ctr.
•
aes128-gcm: Specifies the encryption algorithm aes128-gcm.
•
aes192-ctr: Specifies the encryption algorithm aes192-ctr.
•
aes256-cbc: Specifies the encryption algorithm aes256-cbc.
•
aes256-ctr: Specifies the encryption algorithm aes256-ctr.
•
aes256-gcm: Specifies the encryption algorithm aes256-gcm.
•
des-cbc: Specifies the encryption algorithm des-cbc.
prefer-ctos-hmac: Specifies the preferred client-to-server HMAC algorithm. The default is
sha2-256. Supported algorithms are md5, md5-96, sha1, sha1-96, sha2-256, and sha2-512, in
ascending order of security strength and computation time.
•
md5: Specifies the HMAC algorithm hmac-md5.
•
md5-96: Specifies the HMAC algorithm hmac-md5-96.
•
sha1: Specifies the HMAC algorithm hmac-sha1.
•
sha1-96: Specifies the HMAC algorithm hmac-sha1-96.
•
sha2-256: Specifies the HMAC algorithm hmac-sha2-256.
•
sha2-512: Specifies the HMAC algorithm hmac-sha2-512.
prefer-kex: Specifies the preferred key exchange algorithm. The default is ecdh-sha2-nistp256.
Supported algorithms are dh-group-exchange-sha1, dh-group1-sha1, dh-group14-sha1,
ecdh-sha2-nistp256, and ecdh-sha2-nistp384, in ascending order of security strength and
computation time.
•
dh-group-exchange-sha1: Specifies the key exchange algorithm
diffie-hellman-group-exchange-sha1.
•
dh-group1-sha1: Specifies the key exchange algorithm diffie-hellman-group1-sha1.
•
dh-group14-sha1: Specifies the key exchange algorithm diffie-hellman-group14-sha1.
•
ecdh-sha2-nistp256: Specifies the key exchange algorithm ecdh-sha2-nistp256.
•
ecdh-sha2-nistp384: Specifies the key exchange algorithm ecdh-sha2-nistp384.
prefer-stoc-cipher: Specifies the preferred server-to-client encryption algorithm. The default is
aes128-ctr. Supported algorithms are the same as the client-to-server encryption algorithms (see
the prefer-ctos-cipher keyword).
prefer-stoc-hmac: Specifies the preferred server-to-client HMAC algorithm. The default is
sha2-256. Supported algorithms are the same as the client-to-server HMAC algorithms (see the
prefer-ctos-hmac keyword).
dscp dscp-value: Specifies the DSCP value in the IPv4 SSH packets. The value range for the
dscp-value argument is 0 to 63, and the default value is 48. The DSCP value determines the
transmission priority of the packet.
escape character: Specifies a case-sensitive escape character. By default, the escape character is a
tilde (~).
public-key keyname: Specifies the host public key of the server that the client uses to authenticate
the server. The keyname argument is a case-insensitive string of 1 to 64 characters.
server-pki-domain domain-name: Specifies the PKI domain for verifying the server's certificate.
The domain-name argument represents the PKI domain name, a case-insensitive string of 1 to 31
491
Advertisement
Table of Contents
