Generates the Secure Shell 2 (SSH2) server host key.
| algorithm | Specifies the algorithm of an SSH server key. |
| ssh-rsa | Specifies the ssh-rsa key type with signature algorithm SHA1. (Default, not recommended). |
| rsa-sha2-256 | Specifies the ssh-rsa key type with signature algorithm SHA2-256. |
| rsa-sha2-512 | Specifies the ssh-rsa key type with signature algorithm SHA2-512. |
ssh-rsa, not recommended.
Secure Shell 2 (SSH2) is a feature of ExtremeXOS that allows you to encrypt session data between a network administrator using SSH2 client software and the switch or to send encrypted data from the switch to an SSH2 client on a remote system. Configuration, policy, image, and public key files may also be transferred to the switch using the Secure Copy Program (SCP2).
To enable SSH2, use the enable ssh2 command.
A host key must be generated before the switch can accept incoming ssh connections. This can be done by the switch using the commands "enable ssh2" (if ssh is not enabled previously) or "configure ssh2 key pregenerated" (if you wish to use a pregenerated key as the host key).
The following command configures key algorithm rsa-sha2-512:
# configure ssh2 key algorithm rsa-sha2-512 New key algorithm will be usable after disable and enable SSH or 'restart process exsshd'. Warning: Legacy clients that do not support this algorithm will not connect with the switch's SSH server.
The following command configures key algorithm to ssh-rsa (not recommended):
# configure ssh2 ke algorithm ssh-rsa New key algorithm will be usable after disable and enable SSH or 'restart process exsshd'. Warning: Algorithm ssh-rsa uses SHA1, which is no longer recommended.
This command was first available in version 32.5.
This command is available on all Universal switches supported in this document.