Concept Guide
The following example shows you how to congure a HMAC algorithm list.
Dell(conf)# ip ssh mac hmac-sha1-96
Conguring the SSH Client Cipher List
To congure the cipher list supported by the SSH client, use the ip ssh cipher cipher-list command in CONFIGURATION mode.
cipher-list-: Enter a space-delimited list of ciphers the SSH Client supports.
The following ciphers are available.
• 3des-cbc
• aes128-cbc
• aes192-cbc
• aes256-cbc
• aes128-ctr
• aes192-ctr
• aes256-ctr
The default cipher list is in the given order: aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc, 3des-cbc.
Example of Conguring a Cipher List
The following example shows you how to congure a cipher list.
Dell(conf)#ip ssh cipher aes128-ctr aes128-cbc 3des-cbc
Conguring DNS in the SSH Server
Dell EMC Networking provides support to enable the DNS in SSH server conguration for host-based authentication. You can specify
whether the SSH Server should look up the remote host name and check whether the resolved host name for the remote IP address maps
to the same IP address. By default, the DNS in the SSH server conguration is disabled.
To enable the DNS in the SSH server conguration, use the following command.
• Enable the DNS in the SSH server conguration.
CONFIGURATION mode
[no] ip ssh server dns enable
To disable the DNS in the SSH server conguration, use the no version of this command.
NOTE
: You can use the ip ssh server dns enable command only in Full-Switch mode.
Example of DNS Conguration in SSH Server Connections
To view the status of DNS in the SSH server conguration, use the show running-config ip ssh command from EXEC mode.
DellEMC#show running-config ip ssh
!
ip ssh server dns enable
ip ssh hostbased-authentication enable
no ip ssh password-authentication enable
ip ssh server enable
Security
755