Manualshelf

R3721-F3210-F3171-HP High-End Firewalls System Management and Maintenance Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
221222223224225226227228229230
219
md5-96: HMAC algorithm hmac-md5-96.
sha1: HMAC algorithm hmac-sha1.
sha1-96: HMAC algorithm hmac-sha1-96.
prefer-kex: Preferred key exchange algorithm, defaulted to dh-group-exchange.
dh-group-exchange: Key exchange algorithm diffie-hellman-group-exchange-sha1.
dh-group1: Key exchange algorithm diffie-hellman-group1-sha1.
dh-group14: Key exchange algorithm diffie-hellman-group14-sha1.
prefer-stoc-cipher: Preferred encryption algorithm from server to client, defaulted to aes128.
prefer-stoc-hmac: Preferred HMAC algorithm from server to client, defaulted to sha1-96.
Description
Use sftp ipv6 to establish a connection to a remote IPv6 SFTP server and enter SFTP client view.
When the client's authentication method is publickey, the client needs to get the local private key for
validation. In non-FIPS mode, as the publickey authentication uses RSA and DSA algorithms, you must
specify an algorithm (by specifying the identity-key keyword) in order to get the correct data for the local
private key.
The following matrix shows the default algorithms used in FIPS and non-FIPS modes when an SFTP client
establishes a connection to the SFTP server.
Preferred al
g
orithm In non-FIPS mode
In FIPS mode
Public key algorithm
dsa rsa
Client-to-server preferred encryption algorithm aes128 aes128
Client-to-server preferred HMAC algorithm sha1-96 sha1-96
Preferred key exchange algorithm dh-group-exchange dh-group14
Server-to-client preferred encryption algorithm aes128 aes128
Server-to-client preferred HMAC algorithm sha1-96 sha1-96
Examples
# Connect to server 2:5::8:9, using the following algorithms:
Preferred key exchange algorithm: dh-group1.
Preferred encryption algorithm from server to client: aes128.
Preferred HMAC algorithm from client to server: md5.
Preferred HMAC algorithm from server to client: sha1-96.
<Sysname> sftp ipv6 2:5::8:9 prefer-kex dh-group1 prefer-stoc-cipher aes128
prefer-ctos-hmac md5 prefer-stoc-hmac sha1-96
Input Username: