Administrator Guide
cipher-list-: Enter a space-delimited list of ciphers the SSH server will support.
The following ciphers are available.
• 3des-cbc
• aes128-cbc
• aes192-cbc
• aes256-cbc
• aes128-ctr
• aes192-ctr
• aes256-ctr
The default cipher list is aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc, 3des-cbc.
Example of Conguring a Cipher List
The following example shows you how to congure a cipher list.
Dell(conf)#ip ssh server cipher 3des-cbc aes128-cbc aes128-ctr
Conguring the HMAC Algorithm for the SSH Server
To congure the HMAC algorithm for the SSH server, use the ip ssh server mac hmac-algorithm command in
CONFIGURATION mode.
hmac-algorithm: Enter a space-delimited list of keyed-hash message authentication code (HMAC) algorithms supported by the SSH
server.
The following HMAC algorithms are available:
• hmac-md5
• hmac-md5-96
• hmac-sha1
• hmac-sha1-96
• hmac-sha2-256
The default HMAC algorithms are the following:
• hmac-sha2-256
• hmac-sha1
• hmac-sha1-96
• hmac-md5
• hmac-md5-96
When FIPS is enabled, the default HMAC algorithm is hmac-sha2-256,hmac-sha1,hmac-sha1-96.
Example of Conguring a HMAC Algorithm
The following example shows you how to congure a HMAC algorithm list.
Dell(conf)# ip ssh server mac hmac-sha1-96
Security
901