No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fit AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ssh server key-exchange

ssh server key-exchange

Function

The ssh server key-exchange command configures a key exchange algorithm list on an SSH server.

The undo ssh server key-exchange command restores the default configuration.

By default, an SSH server supports Diffie-hellman-group-exchange-sha1 and Diffie-hellman-group14-sha1 key exchange algorithms.

Format

ssh server key-exchange { dh_group_exchange_sha1 | dh_group14_sha1 | dh_group1_sha1 } *

undo ssh server key-exchange

Parameters

Parameter Description Value
dh_group_exchange_sha1 Specifies that the Diffie-hellman-group-exchange-sha1 algorithm is contained in the key exchange algorithm list configured on the SSH server. -
dh_group14_sha1 Specifies that the Diffie-hellman-group14-sha1 algorithm is contained in the key exchange algorithm list configured on the SSH server. -
dh_group1_sha1 Specifies that the Diffie-hellman-group1-sha1 algorithm is contained in the key exchange algorithm list configured on the SSH server. -

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

An SSH server and a client need to negotiate a key exchange algorithm for the packets exchanged between them. You can run the ssh server key-exchange command to configure a key exchange algorithm list for the SSH server. After the list is configured, the server matches the key exchange algorithm list of a client against the local list after receiving a packet from the client and selects the first key exchange algorithm that matches the local list. If no key exchange algorithms in the list of the client match the local list, the negotiation fails.

Precautions

The security levels of key exchange algorithms are as follows, from high to low: dh_group_exchange_sha1, dh_group14_sha1, and dh_group1_sha1. The dh_group_exchange_sha1 algorithm is recommended.

Example

# Configure key exchange algorithm lists dh_group_exchange_sha1 and dh_group14_sha1 on the SSH server.

<Huawei> system-view
[Huawei] ssh server key-exchange dh_group_exchange_sha1 dh_group14_sha1
Translation
Download
Updated: 2019-07-18

Document ID: EDOC1100064353

Views: 152838

Downloads: 125

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next