configure ssh2 enable cipher mac

configure ssh2 enable [cipher [cipher |all] |mac [ mac |all]]

Description

Configures the required ciphers/Message Authentication Codes (MACs) with SSHv2.

Syntax Description

cipher Specifies cipher to use for encrypting the session.
cipher Cipher name for encrypting session.
all Specifies all ciphers/MACs available in current mode.
mac Specifies MACs to use for encrypting the session.
mac MAC name for encrypting session.

Default

In Default mode, the following ciphers/MACs are disabled by default:
  • Ciphers: 3des-cbc, blowfish-cbc, aes128-cbc, aes192-cbc, aes256-cbc, cast128-cbc, rijndael-cbc@lysator.liu.se, arcfour, arcfour128, arcfour256
  • MACs: hmac-md5, hmac-md5-96, hmac-md5-etm@openssh.com, hmac-md5-96-etm@openssh.com, hmac-ripemd160, hmac-ripemd160@openssh.com, hmac-ripemd160-etm@openssh.com, hmac-sha1-96, hmac-sha1-96-etm@openssh.com
In Default mode, the following ciphers/MACs are enabled by default:
  • Ciphers: aes128-ctr, aes192-ctr, aes256-ctr, chacha20-poly1305@openssh.com
  • MACs: hmac-sha1-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha1, hmac-sha2-256, hmac-sha2-512.

Example

The following example enables cipher "aes256-ctr" for the encrypting the session:

configure ssh2 enable cipher "aes256-ctr"

History

This command was first available in ExtremeXOS 22.1.

Platform Availability

This command is available on the Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X440-G2, X590, X620, X690, X870 series switches.