R3721-F3210-F3171-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

161

162

163

164

165

166

167

168

169

170

154

Establishing a connection between an SSH client and the server

Establishing a connection between an SSH client and the IPv4 server

Task Command Remarks

Establish a

connection between

the SSH client and

the IPv4 server, and

specify algorithms

involved during the

connection.

• In non-FIPS mode:

ssh2 server [ port-number ] [ identity-key { dsa | rsa } |

prefer-ctos-cipher { 3des | aes128 |aes256 | des } |

prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } |

prefer-kex { dh-group-exchange | dh-group1 | dh-group14 }

| prefer-stoc-cipher { 3des | aes128 | aes256 | des } |

prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *

• In FIPS mode:

ssh2 server [ port-number ] [ vpn-instance vpn-instance-name ]

[ identity-key rsa | prefer-ctos-cipher { aes128 | aes256 } |

prefer-ctos-hmac { sha1 | sha1-96 } | prefer-kex dh-group14

| prefer-stoc-cipher { aes128 | aes256 } | prefer-stoc-hmac

{ sha1 | sha1-96 } ] *

Use either

command in user

view.

Establishing a connection between an SSH client and the IPv6 server

Task Command Remarks

Establish a

connection between

the SSH client and

the IPv6 server, and

specify algorithms

involved during the

connection.

• In non-FIPS mode:

ssh2 ipv6 server [ port-number ] [ vpn-instance

vpn-instance-name ] [ identity-key { dsa | rsa } |

prefer-ctos-cipher { 3des | aes128 | aes256 | des } |

prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } |

prefer-kex { dh-group-exchange | dh-group1 | dh-group14 }

| prefer-stoc-cipher { 3des | aes128 | aes256 | des } |

prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *

• In FIPS mode:

ssh2 ipv6 server [ port-number ] [ vpn-instance

vpn-instance-name ] [ identity-key rsa | prefer-ctos-cipher

{ aes128 | aes256 } | prefer-ctos-hmac { sha1 | sha1-96 } |

prefer-kex dh-group14 | prefer-stoc-cipher { aes128 |

aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] *

Use either

command in user

view.

Displaying and maintaining SSH

Task Command

Remarks

Display the source IP address or

interface set for the SFTP client.

display sftp client source [ | { begin | exclude |

include } regular-expression ]

Available in any

view

Display the source IP address or

interface information on an SSH

client.

display ssh client source [ | { begin | exclude |

include } regular-expression ]

Available in any

view

Display SSH server status

information or session information

on an SSH server.

display ssh server { status | session } [ | { begin |

exclude | include } regular-expression ]

Available in any

view