Enables DSA/RSA X509v3 public key algorithms.
pk-alg | Specifies enabling DSA/RSA X509v3 public key algorithms. |
pkalg_name | Specifies which algorithm to enable: "ssh-dss" "ssh-rsa" "x509v3-sign-dss" "x509v3-sign-rsa" |
all | Specifies enabling all public key algorithms available. |
ssh-dss is disabled by default.
ssh-rsa, x509v3-sign-rsa, x509v3-sign-dss are enabled by default.
This public key algorithm configuration is used for the user key only—not for the host key. For a user key, ssh-dss algorithm is supported, but disabled by default. However, for host key, ssh-dss algorithm is not supported for both server and client. For backward compatibility it is supported in the server only during a switch image upgrade if this algorithm is present in earlier release.
The following example enables the ssh-dss algorithm:
configure ssh2 enables pk-alg ssh-dss
This command was first available in ExtremeXOS 22.3.
This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.