Configuring SSH on the Evaluated Configuration
SSH is the only remote management interface allowed in the evaluated configuration. This topic describes how to configure SSH on the device.
Before you begin, log in with your root account on the device running Junos OS and edit the configuration.
You can enter the configuration commands in any order and commit all the commands at once.
- Specify the permissible SSH host-key algorithms.[edit system services ssh]user@host# set hostkey-algorithm ssh-ecdsa
- Specify the SSH key-exchange for Diffie-Hellman keys
for the system services.[edit system services ssh]user@host#set key-exchange ecdh-sha2-nistp256
- Specify all the permissible message authentication code
algorithms for SSHv2.[edit system services ssh]user@host#set macs hmac-sha1
- Specify the ciphers allowed for protocol version 2.[edit system services ssh]user@host#set ciphers ciphers aes128-cbc