CLI Guide
Version Description
9.8(2.0) Introduced on the S3100 series.
9.8(1.0) Introduced on the Z9100-ON.
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000–ON.
9.2(1.0) Introduced on the Z9500.
9.0.2.0 Introduced on the S6000.
8.3.19.0 Introduced on the S4820T.
8.3.11.1 Introduced on the Z9000.
8.3.7.0 Introduced on the S4810.
7.6.1.0 Introduced on the S-Series.
7.5.1.0 Introduced on the C-Series.
pre-6.1.1.0 Introduced on the E-Series.
Usage
Information
If you enable this command, clients can log in without a password prompt. This command provides two
levels of authentication:
● rhost-authentication is done with the file specified in the ip ssh rhostfile command.
● checking client host-keys is done with the file specified in the ip ssh pub-key-file command.
NOTE: Administrators must specify the two files (rhosts and pub-key-file) to configure host-
based authentication.
Related
Commands
● ip ssh pub-key-file — public keys of trusted hosts from a file.
● ip ssh rhostsfile — trusted hosts and users for rhost authentication.
ip ssh mac
Configure the list of MAC algorithms supported on both SSH client and SCP.
Syntax
ip ssh mac mac-list
Parameters
mac
mac-list
Enter the keyword mac then a space-delimited list of message authentication code
(MAC) algorithms supported by the SSH client. The following MAC algorithms are
available.
When FIPS mode is enabled:
● hmac-sha2–256
● hmac-sha1
● hmac-sha1–96
When FIPS mode is disabled:
● hmac-sha2-256
● hmac-sha1
● hmac-sha1–96
● hmac-md5
● hmac-md5-96
Defaults
The default list of MAC algorithm is in the order as shown below:
When FIPS mode is enabled:
1396 Security