Table of Contents
Advertisement
Specifying MAC algorithms for SSH2
Step
1.
Enter system view.
2.
Specify MAC algorithms for
SSH2.
Displaying and maintaining SSH
Execute display commands in any view.
Task
Display the source IP address configured for
the SFTP client.
Display the source IP address configured for
the Stelnet client.
Display SSH server status or sessions.
Display SSH user information on the SSH
server.
Display the public keys of the local key pairs.
Display the public keys of the SSH peers.
Stelnet configuration examples
Unless otherwise noted, devices in the configuration examples are in non-FIPS mode.
When you configure Stelnet on a device that operates in FIPS mode, follow these restrictions and
guidelines:
•
The modulus length of the key pair must be 2048 bits.
•
When the device acts as an Stelnet server, it supports only RSA and ECDSA key pairs. If both
RSA and ECDSA key pairs exist on the server, the server uses the ECDSA key pair.
Password authentication enabled Stelnet server
configuration example
Network requirements
As shown in
•
You can log in to Switch through the Stelnet client that runs on the host.
•
After login, you are assigned the user role network-admin for configuration management.
Command
system-view
•
•
Figure
95:
In non-FIPS mode:
ssh2 algorithm mac { md5 |
md5-96 | sha1 | sha1-96 |
sha2-256 | sha2-512 } *
In FIPS mode:
ssh2 algorithm mac { sha1
| sha1-96 | sha2-256 |
sha2-512 } *
Command
display sftp client source
display ssh client source
display ssh server { session | status }
display ssh user-information [ username ]
display public-key local { dsa | ecdsa | rsa } public
[ name publickey-name ]
display public-key peer [ brief | name publickey-name ]
346
Remarks
N/A
By default, SSH2 uses the MAC
algorithms sha2-256, sha2-512,
sha1, md5, sha1-96, and md5-96
in descending order of priority for
algorithm negotiation.
Advertisement
Table of Contents
Troubleshooting
