Feature support for SSH

SSHv2 is the supported version of SSH, but not all features typically available with SSHv2 are supported on the Extreme devices.

The following encryption algorithms are supported:

• 3des-cbc Triple-DES
• aes256-cbc: AES in Cipher Block Chaining (CBC) mode with 256-bit key
• aes192-cbc: AES in CBC mode with 192-bit key
• aes128-cbc: AES in CBC mode with 128-bit key
• aes256-gcm: AES in Galios/Counter Mode (GCM) mode with 256-bit key
• aes256-gcm@openssh.com
• aes192-gcm: AES in GCM mode with 192-bit key
• aes128-gcm: AES in GCM mode with 128-bit key
• aes128-gcm@openssh.com
• aes256-ctr: AES in Counter Mode (CTR) mode with 256-bit key
• aes192-ctr: AES in CTR mode with 192-bit key
• aes128-ctr: AES in CTR mode with 128-bit key
• blowfish-cbc
• cast128-cbc
• arcfour
• arcfour128
• arcfour256
• rijndael-cbc@lysator.liu.se
• chacha20-poly1305@openssh.com

The following Hash-based Message Authentication Code (HMAC) message authentication algorithms are supported:

• hmac-md5: MD5 encryption algorithm with 128-bit key.
• hmac-md5-96
• hmac-sha1: SHA1 encryption algorithm with 160-bit key.
• hmac-sha1-96
• hmac-sha2-256: SHA2 encryption algorithm with 256-bit key.
• hmac-sha2-256-etm@openssh.com
• hmac-sha2-512: SHA2 encryption algorithm with 512-bit key.
• hmac-sha2-512-etm@openssh.com
• hmac-ripemd160
• hmac-ripemd160@openssh.com
• umac-64@openssh.com
• umac-128@openssh.com
• hmac-sha1-etm@openssh.com
• hmac-sha1-96-etm@openssh.com
• hmac-md5-etm@openssh.com
• hmac-ripemd160-etm@openssh.com
• umac-64-etm@openssh.com
• umac-128-etm@openssh.com
• hmac-ripemd160-etm@openssh.com

SSH user authentication is performed with passwords stored on the device or on an external authentication, authorization, and accounting (AAA) server.