Displays the SSH server status in the running-config.
Privileged EXEC mode
SSH server configuration is placed at the beginning of the running-config and is part of the global configuration of the device. By default, the SSH server listens on mgmt-vrf and default-vrf.
The show running-config ssh server command displays the following information:
| Output field | Description |
|---|---|
|
algorithm |
Whether the SSH server is configured to use the x509v3 digital certificate for SSH authentication. |
|
certificate |
Whether the SSH server is configured to use the server and user x509v3 certificate for SSH authentication. |
|
cipher |
Identifies the cipher configured for the SSH server. |
|
key |
Identifies the configured SSH crypto keys: DSA, ECDSA, RSA. |
|
mac |
Identifies the configured MAC algorithms. Supported algorithms are hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-sha1, hmac-sha1-96, hmac-md5, hmac-md5-96, hmac-ripemd160, hmac-ripemd160@openssh.com, umac-64@openssh.com, umac-128@openssh.com, hmac-sha1-etm@openssh.com hmac-sha1-96-etm@openssh.com, hmac-md5-etm@openssh.com, hmac-ripemd160-etm@openssh.com, umac-64-etm@openssh.com, umac-128-etm@openssh.com, and hmac-ripemd160-etm@openssh.com. The default MACs supported in FIPS mode are hmac-sha1, hmac-sha2-256, and hmac-sha2-512. |
|
max-auth-tries |
Identifies the maximum number of times the user can attempt to authenticate to the SSH server. |
|
max-idle-timeout |
Identifies the maximum about of time that the SSH server can be idle after authentication. |
|
max-login-timeout |
Identifies the maximum amount of time allowed for SSH authentication. |
|
port |
Identifies the designated SSH server port. |
|
rekey-interval |
Identifies the amount of time allowed for session rekeying. |
|
rekey-volume |
Identifies the maximum packet limit, in megabytes, for session rekeying. |
|
use-vrf |
Identifies the configured VRF name. |
This example shows output when the SSH service is shutdown on the mgmt-vrf.
device# show running-config ssh server ssh server key rsa 2048 ssh server key ecdsa 256 ssh server key dsa ssh server use-vrf default-vrf ssh server use-vrf mgmt-vrf shutdown device#
This example shows output when the SSH service is enabled.
device# show running-config ssh server ssh server key rsa 2048 ssh server key ecdsa 256 ssh server key dsa ssh server use-vrf default-vrf ssh server use-vrf mgmt-vrf device#