CLI Guide
NOTE: The :: notation specifies successive hexadecimal
fields of zeros.
-c encryption
cipher
Enable the “FIPS mode enable", this mode will support only
v2 client.
"no fips mode enable"(disable) will support v1 & v2 client.
This comment is applicable for both ciphers & HMAC
algorithms:
• 3des-cbc: Force ssh to use 3des-cbc encryption cipher.
• aes128-cbc : Force ssh to use aes128-cbc encryption
cipher
• aes192-cbc : Force ssh to use aes192-cbc encryption
cipher
• aes256-cbc : Force ssh to use aes256-cbc encryption
cipher
• aes128-ctr : Force ssh to use aes128-ctr encryption
cipher
• aes192-ctr : Force ssh to use aes192-ctr encryption
cipher
• aes256-ctr : Force ssh to use aes256-ctr encryption
cipher
-l username (OPTIONAL) Enter the keyword -l then the user name used
in this SSH session. The default is the user name of the user
associated with the terminal.
-m HMAC
algorithm
Enter one of the following HMAC algorithms to use. (For v2
clients only):
"no fips mode enable"(disable) will support v1 & v2 client.
• hmac-md5: Force ssh to use hmac-md5 HMAC
algorithm.
• hmac-md5-96: Force ssh to use hmac-md5-96 HMAC
algorithm.
• hmac-sha1: Force ssh to use hmac-sha1 HMAC
algorithm.
• hmac-sha1-96 : Force ssh to use hmac-sha1-96
HMAC algorithm.
• hmac-sha2-256 : Force ssh to use hmac-sha2-256
HMAC algorithm.
-p port-number (OPTIONAL) Enter the keyword -p then the port number.
The range is from 1 to 65535. The default is 22.
-v {1 | 2} (OPTIONAL) Enter the keyword -v then the SSH version 1 or
2. The default is the version from the protocol negotiation.
Security
1511