SSHv2 management
Suggest changes
PDFs
The security ssh modify command replaces the existing configurations of the SSH key exchange algorithms, ciphers, or MAC algorithms for the cluster or an SVM with the configuration settings you specify.
|
NetApp recommends the following:
|
Supported ciphers and key exchanges
| Ciphers | Key exchange |
|---|---|
aes256-ctr |
diffie-hellman-group-exchange-sha256 (SHA-2) |
aes192-ctr |
diffie-hellman-group-exchange-sha1 (SHA-1) |
aes128-ctr |
diffie-hellman-group14-sha1 (SHA-1) |
aes256-cbc |
diffie-hellman-group1-sha1 (SHA-1) |
aes192-cbc |
- |
aes128-cbc |
- |
aes128-gcm |
- |
aes256-gcm |
- |
3des-cbc |
- |
Supported AES and 3DES symmetric encryptions
ONTAP also supports the following types of AES and 3DES symmetric encryptions (also known as ciphers):
-
hmac-sha1
-
hmac-sha1-96
-
hmac-md5
-
hmac-md5-96
-
hmac-ripemd160
-
umac-64
-
umac-64
-
umac-128
-
hmac-sha2-256
-
hmac-sha2-512
-
hmac-sha1-etm
-
hmac-sha1-96-etm
-
hmac-sha2-256-etm
-
hmac-sha2-512-etm
-
hmac-md5-etm
-
hmac-md5-96-etm
-
hmac-ripemd160-etm
-
umac-64-etm
-
umac-128-etm
|
The SSH management configuration applies to ONTAP and the platform BMC. |