No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ssh client secure-algorithms hmac

ssh client secure-algorithms hmac


The ssh client secure-algorithms hmac command configures an HMAC algorithm list for an SSH client.

The undo ssh client secure-algorithms hmac command restores the default HMAC algorithm list of an SSH client.

By default, an SSH client supports the SHA2_256 HMAC algorithm.


ssh client secure-algorithms hmac { md5 | md5_96 | sha1 | sha1_96 | sha2_256 | sha2_256_96 } *

undo ssh client secure-algorithms hmac


Parameter Description Value
md5 Specifies the HMAC MD5 algorithm. -
md5_96 Specifies the HMAC MD5_96 algorithm. -
sha1 Specifies the HMAC SHA1 algorithm. -
sha1_96 Specifies the HMAC SHA1_96 algorithm. -
sha2_256 Specifies the HMAC SHA2_256 algorithm. -
sha2_256_96 Specifies the HMAC SHA2_256_96 algorithm. -


System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

An SSH server and a client need to negotiate an HMAC algorithm for the packets exchanged between them. You can run the ssh client secure-algorithms hmac command to configure an HMAC algorithm list for the SSH client. After the list is configured, the server matches the list of a client against the local list after receiving a packet from the client and selects the first HMAC algorithm that matches the local list. If no HMAC algorithms in the list of the client match the local list, the negotiation fails.


sha2_256 provides the highest security, followed by sha2_256_96, sha1, sha1_96, md5, and md5_96 in order.

sha2_256_96, sha1, sha1_96, md5, and md5_96 provide weak security. Therefore, they are not recommended in the HMAC algorithm list.


# Configure the HMAC SHA2_256 algorithm for an SSH client.

<Huawei> system-view
[Huawei] ssh client secure-algorithms hmac sha2_256
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 206747

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next