Retrieve cluster SSH server ciphers, MAC algorithms, key exchange algorithms, and connection limits
GET /security/ssh
Introduced In: 9.7
Retrieves the cluster SSH server ciphers, MAC algorithms, key exchange algorithms, host key algorithms, connection limits, and ssh-rsa enabled status for public key algorithms.
Related ONTAP commands
-
security ssh
-
security protocol ssh
Response
Status: 200, Ok
Name | Type | Description |
---|---|---|
_links |
||
ciphers |
array[string] |
Ciphers for encrypting the data. |
connections_per_second |
integer |
Maximum connections allowed per second. |
host_key_algorithms |
array[string] |
Host key algorithms. The host key algorithm 'ssh_ed25519' can be configured only in non-FIPS mode. |
is_rsa_in_publickey_algorithms_enabled |
boolean |
Enables or disables the ssh-rsa signature scheme, which uses the SHA-1 hash algorithm, for RSA keys in public key algorithms. If this flag is false, older SSH implementations might fail to authenticate using RSA keys. This flag should be enabled only as a temporary measure until legacy SSH client implementations can be upgraded or reconfigured with another key type, for example: ECDSA. |
key_exchange_algorithms |
array[string] |
Key exchange algorithms. |
mac_algorithms |
array[string] |
MAC algorithms. |
max_authentication_retry_count |
integer |
Maximum authentication retries allowed before closing the connection. |
max_instances |
integer |
Maximum possible simultaneous connections. |
per_source_limit |
integer |
Maximum connections from the same client host. |
Example response
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"ciphers": [
"aes256_ctr",
"aes192_ctr",
"aes128_ctr"
],
"host_key_algorithms": [
"ecdsa_sha2_nistp256",
"ssh_rsa"
],
"key_exchange_algorithms": [
"diffie_hellman_group_exchange_sha256",
"ecdh_sha2_nistp256",
"diffie_hellman_group18_sha512"
],
"mac_algorithms": [
"hmac_sha2_512",
"hmac_sha2_512_etm"
]
}
Error
Status: Default, Error
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
self |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
returned_error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |