HP VPN Firewall Appliances System Management and Maintenance Command Reference
220
• The preferred client-to-server HMAC algorithm is sha1-96.
• The preferred key exchange algorithm is dh-group-exchange.
• The preferred server-to-client encryption algorithm is aes128.
• The preferred server-to-client HMAC algorithm is sha1-96.
In FIPS mode, the default algorithms are as follows:
• The public key algorithm is rsa.
• The preferred client-to-server encryption algorithm is aes128.
• The preferred client-to-server HMAC algorithm is sha1-96.
• The preferred key exchange algorithm is dh-group14.
• The preferred server-to-client encryption algorithm is aes128.
• The preferred server-to-client HMAC algorithm is sha1-96.
Examples
# Connect to server 2:5::8:9, using the following connection scheme:
• The preferred key exchange algorithm is dh-group1.
• The preferred server-to-client encryption algorithm is aes128.
• The preferred client-to-server HMAC algorithm is md5.
• The preferred server-to-client HMAC algorithm is sha1-96.
<Sysname> sftp ipv6 2:5::8:9 prefer-kex dh-group1 prefer-stoc-cipher aes128
prefer-ctos-hmac md5 prefer-stoc-hmac sha1-96
Input Username:
ssh client authentication server
Use ssh client authentication server on the client to configure the host public key of the specified server
so that the client can determine whether the server is trustworthy.
Use undo ssh client authentication server to remove the configuration.
Syntax
ssh client authentication server server assign publickey keyname
undo ssh client authentication server server assign publickey
Default
No host public key of a server is configured. When the client logs into a server, it uses the IP address or
host name of the server as the public key name.
Views
System view
Default command level
2: System level
Parameters
server: Specifies a server by its address or host name, a string of 1 to 80 characters.
assign publickey keyname: Specifies the name of the host public key of the server, a string of 1 to 64
characters.