Skip to main content
ONTAP REST API reference

Retrieve cluster SSH server ciphers, MAC algorithms, key exchange algorithms, and connection limits

Contributors

GET /security/ssh

Introduced In: 9.7

Retrieves the cluster SSH server ciphers, MAC algorithms, key exchange algorithms, host key algorithms, connection limits, and ssh-rsa enabled status for public key algorithms.

  • security ssh

  • security protocol ssh

Response

Status: 200, Ok
Name Type Description

_links

_links

ciphers

array[string]

Ciphers for encrypting the data.

connections_per_second

integer

Maximum connections allowed per second.

host_key_algorithms

array[string]

Host key algorithms. The host key algorithm 'ssh_ed25519' can be configured only in non-FIPS mode.

is_rsa_in_publickey_algorithms_enabled

boolean

Enables or disables the ssh-rsa signature scheme, which uses the SHA-1 hash algorithm, for RSA keys in public key algorithms. If this flag is false, older SSH implementations might fail to authenticate using RSA keys. This flag should be enabled only as a temporary measure until legacy SSH client implementations can be upgraded or reconfigured with another key type, for example: ECDSA.

key_exchange_algorithms

array[string]

Key exchange algorithms.

mac_algorithms

array[string]

MAC algorithms.

max_authentication_retry_count

integer

Maximum authentication retries allowed before closing the connection.

max_instances

integer

Maximum possible simultaneous connections.

per_source_limit

integer

Maximum connections from the same client host.

Example response
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "ciphers": [
    "aes256_ctr",
    "aes192_ctr",
    "aes128_ctr"
  ],
  "host_key_algorithms": [
    "ecdsa_sha2_nistp256",
    "ssh_rsa"
  ],
  "key_exchange_algorithms": [
    "diffie_hellman_group_exchange_sha256",
    "ecdh_sha2_nistp256",
    "diffie_hellman_group18_sha512"
  ],
  "mac_algorithms": [
    "hmac_sha2_512",
    "hmac_sha2_512_etm"
  ]
}

Error

Status: Default, Error
Name Type Description

error

returned_error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.