No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fit AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ssh server secure-algorithms hmac

ssh server secure-algorithms hmac

Function

The ssh server secure-algorithms hmac command configures an HMAC algorithm list for an SSH server.

The undo ssh server secure-algorithms hmac command restores the default HMAC algorithm list of an SSH server.

By default, an SSH server supports the SHA2_256 HMAC algorithm.

By default, an SSH server supports the SHA2_256 HMAC algorithm.

Format

ssh server secure-algorithms hmac { md5 | md5_96 | sha1 | sha1_96 | sha2_256 | sha2_256_96 } *

undo ssh server secure-algorithms hmac

Parameters

Parameter Description Value
md5 Specifies the HMAC MD5 algorithm. -
md5_96 Specifies the HMAC MD5_96 algorithm. -
sha1 Specifies the HMAC SHA1 algorithm. -
sha1_96 Specifies the HMAC SHA1_96 algorithm. -
sha2_256 Specifies the HMAC SHA2_256 algorithm. -
sha2_256_96 Specifies the HMAC SHA2_256_96 algorithm. -

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

An SSH server and a client need to negotiate an HMAC algorithm for the packets exchanged between them. You can run the ssh server secure-algorithms hmac command to configure an HMAC algorithm list for the SSH server. After the list is configured, the server matches the list of a client against the local list after receiving a packet from the client and selects the first HMAC algorithm that matches the local list. If no HMAC algorithms in the list of the client match the local list, the negotiation fails.

Precautions

sha2_256 provides the highest security, followed by sha2_256_96, sha1, sha1_96, md5, and md5_96 in order.

sha2_256_96, sha1, sha1_96, md5, and md5_96 provide weak security. Therefore, they are not recommended in the HMAC algorithm list.

Example

# Configure the HMAC SHA2_256 algorithm for an SSH server.

<Huawei> system-view
[Huawei] ssh server secure-algorithms hmac sha2_256
Translation
Download
Updated: 2019-07-18

Document ID: EDOC1100064353

Views: 126419

Downloads: 98

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next