Users Guide
NOTE: Administrators must specify the two les (rhosts and pub-key-file) to congure host-
based authentication.
Related Commands
ip ssh pub-key-le — public keys of trusted hosts from a le.
ip ssh rhostsle — trusted hosts and users for rhost authentication.
ip ssh key-size
Congure the size of the server-generated RSA SSHv1 key.
Syntax
ip ssh key-size 512-869
Parameters
512-869 Enter the key-size number for the server-generated RSA SSHv1 key. The range is from
512 to 869. The default is 768.
Defaults Key size 768
Command Modes CONFIGURATION
Supported Modes Full–Switch
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
Usage Information The server-generated key is used for SSHv1 key-exchange.
ip ssh mac
Congure the list of MAC algorithms supported on both SSH client and SCP.
Syntax
ip ssh mac mac-list
Parameters
mac mac-list
Enter the keyword mac then a space-delimited list of message authentication code
(MAC) algorithms supported by the SSH client. The following MAC algorithms are
available.
When FIPS mode is enabled:
• hmac-sha2–256
• hmac-sha1
• hmac-sha1–96
When FIPS mode is disabled:
• hmac-sha2-256
• hmac-sha1
• hmac-sha1–96
• hmac-md5
1188 Security