Concept Guide
The following HMAC algorithms are available:
• hmac-sha1
• hmac-sha1-96
• hmac-sha2-256
When FIPS is enabled, the default HMAC algorithm is hmac-sha1-96.
When FIPS is not enabled, the default HMAC algorithms are the following:
• hmac-md5
• hmac-md5-96
• hmac-sha1
• hmac-sha1-96
• hmac-sha2-256
kex key-exchange-
algorithm
Enter the keyword kex and then a space-delimited list of key exchange algorithms
supported by the SSH server.
The following key exchange algorithms are available:
• diffie-hellman-group-exchange-sha1
• diffie-hellman-group1-sha1
• diffie-hellman-group14-sha1
When FIPS is enabled, the default key-exchange-algorithm is diffie-hellman-
group14-sha1.
When FIPS is not enabled, the default key-exchange-algorithms are the following:
• diffie-hellman-group-exchange-sha1
• diffie-hellman-group1-sha1,
• diffie-hellman-group14-sha1
port port-number (OPTIONAL) Enter the keyword port then the port number of the listening port of the
SSH server. The range is from 1 to 65535. The default is 22.
[version {1 | 2}] (OPTIONAL) Enter the keyword version then the SSH version 1 or 2 to specify only
SSHv1 or SSHv2.
NOTE: If you enable FIPS mode, you can only select version 2.
Defaults Default listening port is 22.
Command Modes CONFIGURATION
Supported Modes Full–Switch
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
9.5(0.0) Introduced the cipher, kex and mac options on the MXL 10/40GbE Switch.
1198 Security