White Papers
• hmac-md5-96
When FIPS is enabled, the default HMAC algorithm is hmac-sha2-256,hmac-sha1,hmac-sha1-96.
Example of Conguring a HMAC Algorithm
The following example shows you how to congure a HMAC algorithm list.
DellEMC(conf)# ip ssh server mac hmac-sha1-96
Conguring the SSH Server Cipher List
To congure the cipher list supported by the SSH server, use the ip ssh server cipher cipher-list command in CONFIGURATION
mode.
cipher-list-: Enter a space-delimited list of ciphers the SSH server will support.
The following ciphers are available.
• 3des-cbc
• aes128-cbc
• aes192-cbc
• aes256-cbc
• aes128-ctr
• aes192-ctr
• aes256-ctr
The default cipher list is aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc, 3des-cbc.
Example of Conguring a Cipher List
The following example shows you how to congure a cipher list.
DellEMC(conf)#ip ssh server cipher 3des-cbc aes128-cbc aes128-ctr
Secure Shell Authentication
Secure Shell (SSH) is enabled by default using the SSH Password Authentication method.
Enabling SSH Authentication by Password
Authenticate an SSH client by prompting for a password when attempting to connect to the Dell EMC Networking system. This setup is
the simplest method of authentication and uses SSH version 1.
To enable SSH password authentication, use the following command.
• Enable SSH password authentication.
CONFIGURATION mode
ip ssh password-authentication enable
Security
749