Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Configuring SSH on the Evaluated Configuration for NDcPP


SSH through remote management interface allowed in the evaluated configuration. This topic describes how to configure SSH through remote management. The following algorithms that needs to be configured to validate SSH for NDcPP.

  • Before you begin, log in with your root account on the device running Junos OS Release 19.2R1 and edit the configuration.


You can enter the configuration commands in any order and commit all the commands at once.

To configure SSH on the TOE:

  1. Specify the permissible SSH host-key algorithms for the system services.
  2. Specify the SSH key-exchange for Diffie-Hellman keys for the system services.
  3. Specify all the permissible message authentication code algorithms for SSHv2
  4. Specify the ciphers allowed for protocol version 2.
  5. (Optional) Specify the number of minutes or maximum amount of data, before a rekey is forced on a session. The time limit must not be set greater than one hour and the data limit must not be set greater than one gigabyte.

Supported SSH hostkey algorithm:

Supported SSH key-exchange algorithm:

Supported MAC algorithm:

Supported SSH ciphers algorithm: