configure ssh2 enable cipher mac

configure ssh2 enable [cipher [cipher |all] |mac [ mac |all]]

Description

Configures the required ciphers/Message Authentication Codes (MACs) with SSHv2.


cipher	Specifies cipher to use for encrypting the session.
`cipher`	Cipher name for encrypting session.
all	Specifies all ciphers/MACs available in current mode.
mac	Specifies MACs to use for encrypting the session.
`mac`	MAC name for encrypting session.

In Default mode, the following ciphers/MACs are disabled by default:

Ciphers: 3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, rijndael-cbc@lysator.liu.se
MACs: hmac-md5, hmac-md5-96, hmac-md5-etm@openssh.com, hmac-md5-96-etm@openssh.com, hmac-sha1-96, hmac-sha1-96-etm@openssh.com

In Default mode, the following ciphers/MACs are enabled by default:

Ciphers: aes128-ctr, aes192-ctr, aes256-ctr, chacha20-poly1305@openssh.com
MACs: hmac-sha1-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha1, hmac-sha2-256, hmac-sha2-512.

Note

The following ciphers and MAC are no longer supported: arcfour, arcfour128, arcfour256, blowfish-cbc, cast128-cbc, hmac-ripemd160.

The following example enables cipher "aes256-ctr" for the encrypting the session:

# configure ssh2 enable cipher "aes256-ctr"

This command was first available in ExtremeXOS 22.1.

Unsupported ciphers/macs removed due to SSH2 upgrade in ExtremeXOS 30.7.

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.