HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 204
Parameters, server, port-number, vpn-instance-name, interface-type interface-number, keyname
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 204 highlights
Parameters server: Specifies a server by its IPv6 address or host name, a case-insensitive string of 1 to 253 characters. port-number: Specifies the port number of the server, in the range 1 to 65535. The default is 22. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance that the server belongs to, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. -i interface-type interface-number: Specifies the outgoing interface used by the client to connect to the server. The interface-type interface-number argument specifies the outgoing interface by its type and number. This option is only used when the server uses a link-local address, and the specified outgoing interface on the client must have a link-local address. identity-key: Specifies the public key algorithm for the client, either dsa or rsa. The default is dsa. If the server uses publickey authentication, this keyword must be specified. • dsa: Specifies the public key algorithm dsa. • rsa: Specifies the public key algorithm rsa. prefer-compress: Specifies the preferred compression algorithm between the server and the client. By default, compression is not supported. zlib: Specifies the compression algorithm zlib. prefer-ctos-cipher: Specifies the preferred client-to-server encryption algorithm. The default is aes128. Algorithms des, 3des, aes128, and aes256 are arranged in ascending order in the aspects of security strength and calculation time. • 3des: Specifies the encryption algorithm 3des-cbc. • aes128: Specifies the encryption algorithm aes128-cbc. • aes256: Specifies the encryption algorithm aes256-cbc. • des: Specifies the encryption algorithm des-cbc. prefer-ctos-hmac: Specifies the preferred client-to-server HMAC algorithm. The default is sha1. Algorithm sha1 features stronger security but costs more time in calculation than md5. • md5: Specifies the HMAC algorithm hmac-md5. • md5-96: Specifies the HMAC algorithm hmac-md5-96. • sha1: Specifies the HMAC algorithm hmac-sha1. • sha1-96: Specifies the HMAC algorithm hmac-sha1-96. prefer-kex: Specifies the preferred key exchange algorithm. The default algorithm is dh-group-exchange in non-FIPS mode and is dh-group14 in FIPS mode. Algorithm dh-group14 features stronger security but costs more time in calculation than dh-group1 • dh-group-exchange: Specifies the key exchange algorithm diffie-hellman-group-exchange-sha1. • dh-group1: Specifies the key exchange algorithm diffie-hellman-group1-sha1. • dh-group14: Specifies the key exchange algorithm diffie-hellman-group14-sha1. prefer-stoc-cipher: Specifies the preferred server-to-client encryption algorithm. The default is aes128. prefer-stoc-hmac: Specifies the preferred server-to-client HMAC algorithm. The default is sha1. publickey keyname: Specifies the server by its host public key, which is used to authenticate the server. The keyname argument is a case-insensitive string of 1 to 64 characters. 195