ssh key-exchange-algorithms

Description

Configures SSH to use a set of key exchange algorithm types in the specified priority order. The first key exchange type entered in the CLI is considered a first priority. Key exchange algorithms are used to exchange a shared session key with a peer securely. Each option represents an algorithm that is used to distribute a shared key in a way that prevents outside interference, manipulation, or recovery. Only the key exchange algorithms that are specified by the user are configured.

The没有form of this command removes the configuration of key exchange algorithms and reverts SSH to use the default set of algorithms.

Command context

config

Parameters

Valid key exchange algorithms are:

• curve25519-sha256

• curve25519-sha256@libssh.org

• diffie-hellman-group-exchange-sha1

• diffie-hellman-group-exchange-sha256

• diffie-hellman-group14-sha1

• diffie-hellman-group14-sha256

• diffie-hellman-group16-sha512

• diffie-hellman-group18-sha512

• ecdh-sha2-nistp256

• ecdh-sha2-nistp384

• ecdh-sha2-nistp521

在先前的默认组密钥交换算法ity order:

1. curve25519-sha256

2. curve25519-sha256@libssh.org

3. ecdh-sha2-nistp256

4. ecdh-sha2-nistp384

5. ecdh-sha2-nistp521

6. diffie-hellman-group-exchange-sha256

7. diffie-hellman-group16-sha512

8. diffie-hellman-group18-sha512

9. diffie-hellman-group14-sha256

10. diffie-hellman-group-exchange-sha1

Authority

Administrators or local user group members with execution rights for this command.

Examples

Configuring SSH to use a set of specified key exchange algorithms:

switch(config)#ssh key-exchange-algorithms ecdh-sha2-nistp256 curve25519-sha256 diffie-hellman-group-exchange-sha256

Reverting SSH to use the default set of key-exchange-algorithms:

switch(config)#没有key-exchange-algorithms