Manualshelf

Administrator Guide

ManualsBrandsDell ManualsComputer equipmentForce10 Z9000
711712713714715716717718719720
The following example shows you how to configure a HMAC algorithm list.
Dell(conf)# ip ssh server mac hmac-sha1-96
Configuring the SSH Server Cipher List
To configure the cipher list supported by the SSH server, use the ip ssh server ciphers cipher-list
command in CONFIGURATION mode.
cipher-list-: Enter a space-delimited list of ciphers the SSH server will support.
The following ciphers are available.
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
aes128-ctr
aes192-ctr
aes256-ctr
The default cipher list is 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
Example of Configuring a Cipher List
The following example shows you how to configure a cipher list.
Dell(conf)#ip ssh server cipher 3des-cbc aes128-cbc aes128-ctr
Secure Shell Authentication
Secure Shell (SSH) is disabled by default.
Enable SSH using the ip ssh server enable command.
SSH supports three methods of authentication:
Enabling SSH Authentication by Password
Using RSA Authentication of SSH
Configuring Host-Based SSH Authentication
Important Points to Remember
If you enable more than one method, the order in which the methods are preferred is based on the
ssh_config file on the Unix machine.
When you enable all the three authentication methods, password authentication is the backup
method when the RSA method fails.
The files known_hosts and known_hosts2 are generated when a user tries to SSH using version 1 or
version 2, respectively.
718
Security