R2511-HP MSR Router Series Security Command Reference(V5)
444
Preferred algorithm In non-FIPS mode In FIPS mode
Public key algorithm dsa rsa
Preferred client-to-server encryption
algorithm
aes128 aes128
Preferred client-to-server HMAC
algorithm
sha1-96 sha1-96
Preferred key exchange algorithm dh-group-exchange dh-group14
Preferred server-to-client encryption
algorithm
aes128 aes128
Preferred server-to-client HMAC
algorithm
sha1-96 sha1-96
Views
User view
Default command level
0: Visit level
Parameters
server: Specifies a server by its IPv4 address or host name, a case-insensitive string of 1 to 20 characters.
port-number: Specifies the port number of the server, in the range of 0 to 65535. The default is 22.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the server belongs, where the
vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the server is on the public
network, do not specify this option.
identity-key: Specifies the algorithm for publickey authentication, either dsa or rsa. The default is dsa.
• dsa: Specifies the public key algorithm dsa. This keyword is not available in FIPS mode.
• rsa: Specifies the public key algorithm rsa.
prefer-compress: Specifies the preferred compression algorithm. By default, the compression algorithm is
not used.
• zlib: Specifies the compression algorithm ZLIB.
• zlib-openssh: Specifies the compression algorithm ZLIB@openssh.com
.
prefer-ctos-cipher: Specifies the preferred client-to-server encryption algorithm. The default algorithm is
aes128.
• 3des: Specifies the encryption algorithm 3des-cbc. This keyword is not available in FIPS mode.
• aes128: Specifies the encryption algorithm aes128-cbc.
• aes256: Specifies the encryption algorithm aes256-cbc. This keyword is only available in FIPS
mode.
• des: Specifies the encryption algorithm des-cbc. This keyword is not available in FIPS mode.
prefer-ctos-hmac: Specifies the preferred client-to-server HMAC algorithm. The default algorithm is
sha1-96.
• md5: Specifies the HMAC algorithm hmac-md5. This keyword is not available in FIPS mode.
• md5-96: Specifies the HMAC algorithm hmac-md5-96. This keyword is not available in FIPS mode.
• sha1: Specifies the HMAC algorithm hmac-sha1.