Syntax: [no] ip ssh [cipher <cipher-type>]
Cipher types that can be used for connection by clients. Valid types are:
Default: All cipher types are available.
Use the no form of the command to disable a cipher type.
ProCurve(config)# no ip ssh cipher 3des-cbc
Figure 2. Example of Disabling a Specific Cipher
Configuring Key Lengths and DSA/RSA Support
This enhancement allows you to specify the type and length of the generated host key. The command
Syntax: crypto key generate ssh [dsa | rsa [bits <num-bits>]]
Specify the type and length of the host key that is generated.
You can also generate and use a DSA key as the host key. The size of the host key is platform-
dependent as different switches have different amounts of processing power. The size is represented
by the <num-bits> key word and has the values shown in Table 5. The default value is used if num-
bits is not specified.
Table 5. RSA/DSA Values for Various ProCurve Switches
Maximum RSA Key Size (in bits)
1024, 2048, 3072
Release R.11.14 Enhancements
DSA Key Size (in bits)