ssh client key-exchange

Specifies the method used for generating the one-time session keys for encryption and authentication with the Secure Shell (SSH) server and Diffie-Hellman group 14.

Syntax

ssh client key-exchange string
no ssh client key-exchange

Parameters

string
The string for the name of the algorithm diffie-hellman-group14-sha1, or a comma-separated list of supported Key-exchange algorithms, such as diffie-hellman-group14-sha1,diffie-hellman-group1-sha1. Refer to the device for a complete list of available options.

Command Default

This command is not configured by default.

Modes

Global configuration mode

Usage Guidelines

You can configure the SSH client key-exchange method to DH Group 14. When the ssh client key-exchange method is configured to DH Group 14, the SSH connection from a remote SSH client is allowed only if the key-exchange method at the client end is also configured to DH Group 14. Enter no ssh client key-exchange to restore ssh client key-exchange to the default value.

For information on DH Group 14, see RFC 3526.

For backward compatibility, the string "dh-group-14" is also acceptable in place of "diffie-hellman-group14-sha1"

Examples

To set ssh client key-exchange to DH Group 14: 

device(config)#ssh client key-exchange diffie-hellman-group14-sha1

To restore the ssh client key-exchange to the default value: 

device(config)# no ssh client key-exchange
9036689-01 Rev AA