Skip to main content
A newer release of this product is available.

Update the SSH server setting for a cluster

Contributors

PATCH /security/ssh

Introduced In: 9.7

Updates the SSH server setting for a cluster.

Optional parameters

  • ciphers - Encryption algorithms for the payload

  • key_exchange_algorithms - SSH key exchange algorithms

  • mac_algorithms - MAC algorithms

  • max_authentication_retry_count - Maximum authentication retries allowed before closing the connection

  • connections_per_second - Maximum allowed connections per second

  • max_instances - Maximum allowed connections per node

  • per_source_limit - Maximum allowed connections from the same client host

  • security ssh

  • security protocol ssh

Request Body

Name Type Description

_links

_links

ciphers

array[string]

Ciphers for encrypting the data.

connections_per_second

integer

Maximum connections allowed per second.

key_exchange_algorithms

array[string]

Key exchange algorithms.

mac_algorithms

array[string]

MAC algorithms.

max_authentication_retry_count

integer

Maximum authentication retries allowed before closing the connection.

max_instances

integer

Maximum possible simultaneous connections.

per_source_limit

integer

Maximum connections from the same client host.

Example request
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "ciphers": [
    "aes256_ctr",
    "aes192_ctr",
    "aes128_ctr"
  ],
  "key_exchange_algorithms": [
    "diffie_hellman_group_exchange_sha256",
    "diffie_hellman_group14_sha1"
  ],
  "mac_algorithms": [
    "hmac_sha1",
    "hmac_sha2_512_etm"
  ]
}

Response

Status: 200, Ok

Error

Status: Default

ONTAP Error Response Codes

Error Code Description

10682372

There must be at least one key exchange algorithm associated with the SSH configuration.

10682373

There must be at least one cipher associated with the SSH configuration.

10682375

Failed to modify SSH key exchange algorithms.

10682378

Failed to modify SSH ciphers.

10682399

Key exchange algorithm not supported in FIPS enabled mode.

10682400

Failed to modify SSH MAC algorithms.

10682401

MAC algorithm not supported in FIPS enabled mode.

10682403

There must be at least one MAC algorithm with the SSH configuration.

10682413

Failed to modify maximum authentication retry attempts.

10682413

Failed to modify maximum authentication retry attempts.

10682418

Cipher not supported in FIPS enabled mode.

Name Type Description

error

error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

cluster_ssh_server

Name Type Description

_links

_links

ciphers

array[string]

Ciphers for encrypting the data.

connections_per_second

integer

Maximum connections allowed per second.

key_exchange_algorithms

array[string]

Key exchange algorithms.

mac_algorithms

array[string]

MAC algorithms.

max_authentication_retry_count

integer

Maximum authentication retries allowed before closing the connection.

max_instances

integer

Maximum possible simultaneous connections.

per_source_limit

integer

Maximum connections from the same client host.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.