Dell Command Line Reference Guide for the S4048–ON System 9.14.2.5

PDF

ip ssh server

Syntax
NOTE: Some of the parameters in this command require licensing to access. For more information, contact your Dell EMC Networking representative.
ip ssh server {ciphers cipher-list} {enable | port port-number} [kex key-exchange-algorithm] [mac hmac-algorithm][version 2]

To disable SSH server functions, use the no ip ssh server {ciphers cipher-list} {enable | port port-number} [kex key-exchange-algorithm] [mac hmac-algorithm] command.

Parameters
enable
Enter the key word enable to start the SSH server.
ciphers cipher-list
Enter the keyword ciphers and then a space-delimited list of ciphers that the SSH server supports. The following ciphers are available.
  • 3des-cbc

  • aes128-cbc

  • aes192-cbc

  • aes256-cbc

  • aes128-ctr

  • aes192-ctr

  • aes256-ctr

The default cipher list is used.
  • 3des-cbc

  • aes128-cbc

  • aes192-cbc

  • aes256-cbc

  • aes128-ctr

  • aes192-ctr

  • aes256-ctr

mac hmac-algorithm

Enter the keyword mac then a space-delimited list of hash message authentication code (HMAC) algorithms supported by the SSH server for keying hashing for the message authentication. 

The following HMAC algorithms are available:

  • hmac-sha1

  • hmac-sha1-96

  • hmac-sha2-256

When FIPS is enabled, the default HMAC algorithm is hmac-sha1-96

When FIPS is not enabled, the default HMAC algorithms are the following:
  • hmac-md5
  • hmac-md5-96
  • hmac-sha1

  • hmac-sha1-96

  • hmac-sha2-256

kex key-exchange-algorithm

Enter the keyword kex and then a space-delimited list of key exchange algorithms supported by the SSH server.

The following key exchange algorithms are available:

  • diffie-hellman-group-exchange-sha1

  • diffie-hellman-group1-sha1

  • diffie-hellman-group14-sha1

When FIPS is enabled, the default key-exchange-algorithm is diffie-hellman-group14-sha1.

When FIPS is not enabled, the default key-exchange-algorithms are the following:
  • diffie-hellman-group-exchange-sha1

  • diffie-hellman-group1-sha1,

  • diffie-hellman-group14-sha1

port port-number
(OPTIONAL) Enter the keyword port then the port number of the listening port of the SSH server. The range is from 1 to 65535. The default is 22.
[version 2]
(OPTIONAL) Enter the keyword version then the SSH version 2, to specify SSHv2.
Defaults
  • Default listening port is 22.

  • Default cipher list is 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr.

  • When FIPS is enabled, the default is hmac-sha1-96. 

  • When FIPS is not enabled, the default is hmac-md5,hmac-md5-96,hmac-sha1,hmac-sha1-96,hmac-sha2-256.

  • When FIPS is enabled, the default is diffie-hellman-group14-sha1.

  • When FIPS is not enabled, the default is diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1.

Command Modes
CONFIGURATION
Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC Networking OS Command Line Reference Guide.

Version
Description
9.12(0.0)
Removed support for SSHv1 from all platforms.
9.10(0.1)
Introduced on the S6010-ON and S4048T-ON.
9.10(0.0)
Introduced on the S3148.
9.10(0.0)
Removed the support for hmac-sha2-256-96 algorithm.
9.8(2.0)
Introduced on the S3100 series.
9.8(1.0)
Introduced on the Z9100-ON.
9.8(0.0P5)
Introduced on the S4048-ON.
9.8(0.0P2)
Introduced on the S3048-ON.
9.7(0.0)
Introduced on the S6000–ON.
9.5(0.1)
Introduced the cipher , kex and mac options on the Z9500.
9.5(0.0)
Introduced the cipher, kex and mac options on the Z9000, S6000, S4820T, S4810, and MXL.
9.2(1.0)
Introduced on the Z9500.
9.0.2.0
Introduced on the S6000.
8.3.19.0
Introduced on the S4820T.
8.3.11.1
Introduced on the Z9000.
8.3.7.0
Introduced on the S4810.
7.6.1.0
Introduced on the S-Series.
7.5.1.0
Introduced on the C-Series.
pre-6.1.1.0
Introduced on the E-Series.
Usage Information
This command enables the SSH server and begins listening on a port. If a port is not specified, listening is on SSH default port 22.
NOTE: Starting with Dell EMC Networking OS Release 9.2(0.0), SSH server is enabled by default.
Example
DellEMC# conf
DellEMC(conf)# ip ssh server port 45
DellEMC(conf)# ip ssh server enable
DellEMC#

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\