Administrator Guide
NOTE:
SSHv1 does not support challenge response authentication.
ip ssh cipher
Configure the list of ciphers supported on both SSH client and SCP.
Syntax
ip ssh cipher cipher-list
Parameters
cipher
cipher-list
Enter the keyword cipher and then a space-delimited list of ciphers that the SSH client
supports. The following ciphers are available.
• aes256-ctr
• aes256-cbc
• aes192-ctr
• aes192-cbc
• aes128-ctr
• aes128-cbc
• 3des-cbc
Defaults The default list of ciphers is in the order as shown below:
• aes256-ctr
• aes256-cbc
• aes192-ctr
• aes192-cbc
• aes128-ctr
• aes128-cbc
• 3des-cbc
Command Modes CONFIGURATION
Command History
This guide is platform-specific. For command information about other platforms, see the relevant Dell Networking
OS Command Line Reference Guide.
Version Description
9.10(0.0) Introduced on the S6100–ON, S6000, S6000–ON, S5000, S4810, S4820T, S3048–ON,
S4048–ON, MXL, C9010, S3100 series, and Z9100-ON.
Usage Information
• You can select one or more ciphers from the list.
• The default list of supported ciphers is same irrespective of whether FIPS mode is enabled or disabled.
• Client-supported cipher list gets preference over the server-supported cipher list in selecting the cipher for
the SSH session.
• When the cipher (-c) option is used with the SSH CLI, it overrides the configured or default cipher list.
• When FIPS is enabled or disabled, the client ciphers get default configuration.
ip ssh connection-rate-limit
Configure the maximum number of incoming SSH connections per minute.
C9000 Series
Syntax
ip ssh connection-rate-limit 1-10
Parameters
1-10
Enter the number of maximum numbers of incoming SSH connections allowed per minute.
The range is from 1 to 10 per minute. The default is 10 per minute.
1500 Security