configure ssh2 enable pk-alg

configure ssh2 enable {pk-alg [pkalg_name | all]}

Description

Enables DSA/RSA X509v3 public key algorithms.

Syntax Description

pk-alg Specifies enabling DSA/RSA X509v3 public key algorithms.
pkalg_name Specifies which algorithm to enable: "ssh-dss" "ssh-rsa" "x509v3-sign-dss" "x509v3-sign-rsa"
all Specifies enabling all public key algorithms available.

Default

ssh-dss is disabled by default.

ssh-rsa, x509v3-sign-rsa, x509v3-sign-dss are enabled by default.

Usage Guidelines

This public key algorithm configuration is used for the user key only—not for the host key. For a user key, ssh-dss algorithm is supported, but disabled by default. However, for host key, ssh-dss algorithm is not supported for both server and client. For backward compatibility it is supported in the server only during a switch image upgrade if this algorithm is present in earlier release.

Example

The following example enables the ssh-dss algorithm:

configure ssh2 enables pk-alg ssh-dss

History

This command was first available in ExtremeXOS 22.3.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.