ssh server key-exchange

Specifies the method used for generating the one-time session keys for encryption and authentication with the Secure Shell (SSH) server and Diffie-Hellman group 14.

Syntax

ssh server key-exchange string
no ssh server key-exchange

Parameters

string
The string for the name of the algorithm diffie-hellman-group14-sha1, or a comma-separated list of supported Key-exchange algorithms; such as diffie-hellman-group14-sha1,diffie-hellman-group1-sha1, and so on.

Command Default

This command is not configured by default.

Modes

Global configuration mode

Usage Guidelines

You can configure the SSH server key-exchange method to DH Group 14. When the SSH server key-exchange method is configured to DH Group 14, the SSH connection from a remote SSH client is allowed only if the key-exchange method at the client end is also configured to DH Group 14. Enter no ssh server key-exchange to restore SSH server key-exchange to the default value.

For information on DH Group 14, refer to RFC 3526.

For backward compatibility, the string "dh-group-14" is also acceptable in place of "diffie-hellman-group14-sha1"

Examples

To set SSH server key-exchange to DH Group 14: 

device(config)# ssh server key-exchange diffie-hellman-group14-sha1

To restore the SSH server key-exchange to default value: 

device(config)# no ssh server key-exchange
9036689-01 Rev AA