Step 2
| Specify the
desired encryption algorithms.
[local]host_name(config-sshd)# ciphers algorithms
Notes:
-
algorithms is a string
of 1 through 511 alphanumeric characters that specifies the algorithm(s) to be
used as a single string of comma-separated variables (no spaces) in priority
order (left to right) from those shown below:
- blowfish-cbc –
symmetric-key block cipher, Cipher Block Chaining, (CBC)
- 3des-cbc – Triple Data
Encryption Standard, CBC
- aes128-cbc – Advanced
Encryption Standard (AES), 128-bit key size, CBC
- aes128-ctr – AES, 128-bit
key size, Counter-mode encryption (CTR)
- aes192-ctr – AES, 192-bit key size, CTR
- aes256-ctr – AES, 256-bit key size, CTR
- aes128-gcm@openssh.com – AES, 128-bit key size, Galois
Counter Mode [GCM], OpenSSH
- aes256-gcm@openssh.com –
AES, 256-bit key size, GCM, OpenSSH
- chacha20-poly1305@openssh.com – ChaCha20 symmetric cipher,
Poly1305 cryptographic Message Authentication Code [MAC], OpenSSH
The default
string for
algorithms
in a Normal build
is:
blowfish-cbc,3des-cbc,aes128-cbc,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,
chacha20-poly1305@openssh.com
The default
string for
algorithms in a Trusted build is:
aes256-ctr,aes192-ctr,aes128-ctr
|