Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring SSH on the Evaluated Configuration

 

SSH is an allowed remote management interface in the evaluated configuration. This topic describes how to configure SSH on the device.

  • Before you begin, log in with your root account on the device.

To configure SSH on the device:

  1. Specify the permissible SSH host-key algorithms for the system services.
  2. Specify the SSH key-exchange for Diffie-Hellman keys for the system services.
  3. Specify all the permissible message authentication code algorithms for SSHv2.
  4. Specify the ciphers allowed for protocol version 2.
    Note

    The commands edit system services ssh ciphers aes192-ctr and edit system services ssh ciphers aes192-cbc are supported only in FIPS.

Supported SSH hostkey algorithm:

Supported SSH key-exchange algorithm:

Supported MAC algorithm:

Supported SSH ciphers algorithm:

Note

aes192-cbc and aes192-ctr SSH cipher algorithms are supported only in FIPS.