R0106-HP MSR Router Series Security Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

431

432

433

434

435

436

437

438

439

440

417

• Preferred key exchange algorithm is dh-group14.

• Preferred server-to-client encryption algorithm is aes128.

• Preferred client-to-server HMAC algorithm is sha1.

• Preferred server-to-client HMAC algorithm is sha1-96.

• Preferred compression algorithm between the server and client is zlib.

<Sysname> ssh2 3.3.3.3 prefer-kex dh-group14 prefer-stoc-cipher aes128 prefer-ctos-hmac

sha1 prefer-stoc-hmac sha1-96 prefer-compress zlib publickey svkey

ssh2 ipv6

Use ssh2 ipv6 to establish a connection to an IPv6 Stelnet server.

Syntax

Low encryption:

ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type interface-number ]

[ identity-key { dsa | rsa } | prefer-compress zlib | prefer-ctos-cipher des | prefer-ctos-hmac { md5 |

md5-96 | sha1 | sha1-96 } | prefer-kex { dh-group-exchange | dh-group1 | dh-group14 } |

prefer-stoc-cipher des | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 }] * [ dscp dscp-value |

publickey keyname | source { interface interface-type interface-number | ipv6 ipv6-address } ]

High encryption in non-FIPS mode:

ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type interface-number ]

[ identity-key { dsa | rsa } | pr

efer-compress zlib | prefer-ctos-cipher { 3des | aes128 | aes256 | des }

| prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } | prefer-kex { dh-group-exchange | dh-group1

| dh-group14 } | prefer-stoc-cipher { 3des | aes128 | aes256 | des } | prefer-stoc-hmac { md5 |

md5-96 | sha1 | sha1-96 } ] * [ dscp dscp-value | publickey keyname | source { interface interface-type

interface-number | ipv6 ipv6-address } ] *

In FIPS mode:

ssh2 ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type interface-number ]

[ identity-key rsa | prefer-compress zlib | pr

efer-ctos-cipher { aes128 | aes256 } | prefer-ctos-hmac

{ sha1 | sha1-96 } | prefer-kex dh-group14 | prefer-stoc-cipher { aes128 | aes256 } | prefer-stoc-hmac

{ sha1 | sha1-96 } ] * [ publickey keyname | source { interface interface-type interface-number | ipv6

ipv6-address } ] *

Views

User view

Predefined user roles

network-admin

Parameters

server: Specifies a server by its IPv6 address or host name, a case-insensitive string of 1 to 253

characters.

port-number: Specifies the port number of the server, in the range 1 to 65535. The default is 22.

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the server belongs, where

vpn-instance-name is a case-sensitive string of 1 to 31 characters.