Configuration Example: Enable/Disable Ciphers in FIPS Mode
* * Slot-1 Stack.24 # show ssh2
SSH module configuration details:
SSH Access : Enabled
Key validity : Valid
TCP port : 22
VR : all
Access profile : not set
Secure Mode : Off
Diffie-Hellman Groups : 1 (1024 bits prime), 14 (2048 bits prime)
Idle time : 60 minutes
Ciphers : aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc, 3des-cbc, aes192-cbc, aes256-cbc, rijndael-cbc@lysator.liu.se
Macs : hmac-sha1, hmac-sha2-256, hmac-sha2-512
* Slot-1 Stack.24 # configure ssh2 disable cipher aes128-ctr
* Slot-1 Stack.25 # show ssh2 ciphers
Ciphers : aes192-ctr, aes256-ctr, aes128-cbc, 3des-cbc, aes192-cbc, aes256-cbc, rijndael-cbc@lysator.liu.se
* Slot-1 Stack.26 # show ssh2
SSH module configuration details:
SSH Access : Enabled
Key validity : Valid
TCP port : 22
VR : all
Access profile : not set
Secure Mode : Off
Diffie-Hellman Groups : 1 (1024 bits prime), 14 (2048 bits prime)
Idle time : 60 minutes
Ciphers : aes192-ctr, aes256-ctr, aes128-cbc, 3des-cbc, aes192-cbc, aes256-cbc, rijndael-cbc@lysator.liu.se
Macs : hmac-sha1, hmac-sha2-256, hmac-sha2-512
* Slot-1 Stack.27 # configure ssh2 enable cipher aes128-ctr
* Slot-1 Stack.28 # show ssh2 ciphers
Ciphers : aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc, 3des-cbc, aes192-cbc, aes256-cbc, rijndael-cbc@lysator.liu.se
* Slot-1 Stack.29 # show ssh2
SSH module configuration details:
SSH Access : Enabled
Key validity : Valid
TCP port : 22
VR : all
Access profile : not set
Secure Mode : Off
Diffie-Hellman Groups : 1 (1024 bits prime), 14 (2048 bits prime)
Idle time : 60 minutes
Ciphers : aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc, 3des-cbc, aes192-cbc, aes256-cbc, rijndael-cbc@lysator.liu.se
Macs : hmac-sha1, hmac-sha2-256, hmac-sha2-512
Print
this page
Email this topic
Feedback
View PDF
Download EPUB