Administrator Guide
The following example shows you how to configure a cipher list.
Dell(conf)#ip ssh server cipher 3des-cbc aes128-cbc aes128-ctr
Configuring the SSH Client Cipher List
To configure the cipher list supported by the SSH client, use the ip ssh cipher cipher-list command in CONFIGURATION
mode.
cipher-list-: Enter a space-delimited list of ciphers the SSH Client supports.
The following ciphers are available.
● 3des-cbc
● aes128-cbc
● aes192-cbc
● aes256-cbc
● aes128-ctr
● aes192-ctr
●
aes256-ctr
The default cipher list is in the given order: aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc, 3des-cbc.
Example of Configuring a Cipher List
The following example shows you how to configure a cipher list.
Dell(conf)#ip ssh cipher aes128-ctr aes128-cbc 3des-cbc
Secure Shell Authentication
Secure Shell (SSH) is disabled by default.
Enable SSH using the ip ssh server enable command.
SSH supports three methods of authentication:
● Enabling SSH Authentication by Password
● Using RSA Authentication of SSH
● Configuring Host-Based SSH Authentication
Important Points to Remember
● If you enable more than one method, the order in which the methods are preferred is based on the ssh_config file on the
Unix machine.
● When you enable all the three authentication methods, password authentication is the backup method when the RSA
method fails.
● The files known_hosts and known_hosts2 are generated when a user tries to SSH using version 1 or version 2, respectively.
Enabling SSH Authentication by Password
Authenticate an SSH client by prompting for a password when attempting to connect to the Dell Networking system. This setup
is the simplest method of authentication and uses SSH version 1.
To enable SSH password authentication, use the following command.
● Enable SSH password authentication.
CONFIGURATION mode
Security
877