Users Guide
The following ciphers are available.
• 3des-cbc
• aes128-cbc
• aes192-cbc
• aes256-cbc
• aes128-ctr
• aes192-ctr
• aes256-ctr
The default cipher list is in the given order: aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc, 3des-cbc.
Example of Conguring a Cipher List
The following example shows you how to congure a cipher list.
Dell(conf)#ip ssh cipher aes128-ctr aes128-cbc 3des-cbc
Secure Shell Authentication
Secure Shell (SSH) is disabled by default.
Enable SSH using the ip ssh server enable command.
SSH supports three methods of authentication:
• Enabling SSH Authentication by Password
• Using RSA Authentication of SSH
• Conguring Host-Based SSH Authentication
Important Points to Remember
• If you enable more than one method, the order in which the methods are preferred is based on the ssh_cong le on the Unix machine.
• When you enable all the three authentication methods, password authentication is the backup method when the RSA method fails.
• The les known_hosts and known_hosts2 are generated when a user tries to SSH using version 1 or version 2, respectively.
Enabling SSH Authentication by Password
Authenticate an SSH client by prompting for a password when attempting to connect to the Dell Networking system. This setup is the
simplest method of authentication and uses SSH version 1.
To enable SSH password authentication, use the following command.
• Enable SSH password authentication.
CONFIGURATION mode
ip ssh password-authentication enable
Example of Enabling SSH Password Authentication
To view your SSH conguration, use the show ip ssh command from EXEC Privilege mode.
Dell(conf)#ip ssh server enable
% Please wait while SSH Daemon initializes ... done.
Dell(conf)#ip ssh password-authentication enable
Dell#sh ip ssh
SSH server : enabled.
934
Security