According to cryptanalysis experts, in SSHv2 it is not safe to use the same session key to encrypt data over long periods of time. You could analyze the traffic and compromise the key with enough captured data, so it is advisable to keep changing the session keys after a certain interval.
In ExtremeXOS 22.3, you can set the SSHv2 session rekeying interval by specifying a time interval value and/or amount of transferred data.
Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X870, X440-G2, X620, X690 series switches.
configure ssh2rekey [time-interval [time_interval |none] |data-limit [data_size |default]]
The following commands are changed to show rekeying interval information:
show ssh2
show management
Print
this page
Email this topic
Feedback
View PDF
Download EPUB