Administrator Guide
Example of Configuring a Cipher List
The following example shows you how to configure a cipher list.
Dell(conf)#ip ssh server cipher 3des-cbc aes128-cbc aes128-ctr
Configuring DNS in the SSH Server
Dell EMC Networking provides support to enable the DNS in SSH server configuration for host-based authentication. You can
specify whether the SSH Server should look up the remote host name and check whether the resolved host name for the
remote IP address maps to the same IP address. By default, the DNS in the SSH server configuration is disabled.
To enable the DNS in the SSH server configuration, use the following command.
● Enable the DNS in the SSH server configuration.
CONFIGURATION mode
[no] ip ssh server dns enable
To disable the DNS in the SSH server configuration, use the no version of this command.
To view the status of DNS in the SSH server configuration, use the show running-config ip ssh command from EXEC
mode.
DellEMC#show running-config ip ssh
!
ip ssh server dns enable
ip ssh hostbased-authentication enable
no ip ssh password-authentication enable
ip ssh server enable
Configuring the HMAC Algorithm for the SSH Server
To configure the HMAC algorithm for the SSH server, use the ip ssh server mac hmac-algorithm command in
CONFIGURATION mode.
hmac-algorithm: Enter a space-delimited list of keyed-hash message authentication code (HMAC) algorithms supported by the
SSH server.
The following HMAC algorithms are available:
● hmac-md5
● hmac-md5-96
● hmac-sha1
● hmac-sha1-96
● hmac-sha2-256
The default HMAC algorithms are the following:
● hmac-sha2-256
● hmac-sha1
● hmac-sha1-96
● hmac-md5
● hmac-md5-96
When FIPS is enabled, the default HMAC algorithm is hmac-sha2-256,hmac-sha1,hmac-sha1-96.
Example of Configuring a HMAC Algorithm
Security
875