ssh-config
The ssh-config element is used to set the attributes of the SSH/SFTP server.
Parameters
- rekey-interval
- Enter the number
of minutes before rekeying an SSH session.
- Default: 60
- Values: Min: 60 / Max: 600
- rekey-byte-count
- Enter the number of bytes, as a power of 2, to be transmitted
before rekeying an SSH session. For example: 31 means 2^31 or 2147483648 bytes.
- Default: 31
- Values: Min: 20 / Max: 31
- encr-algorithms
- Enter the list of encryption algorthims which the SSH server
should offer during session negotiation. Entries may be single values or a
comma-separated list in double quotes. The SSH session will use the first
algorithm which both the client and server support. The list of supported
ciphers are updated per release as weaker ciphers are deprecated and then
removed. See the Release Notes for the list of algorithms supported in this
release.
- Default: Type
?
to see the default algorithms for this release. - Values: Type
?
to see the supported values for this release.
- Default: Type
- hmac-algorithms
- Enter the list of HMAC algorithms which the SSH server should
offer during session negotitation. Entries may be single values or a
comma-separated list in double quotes. The SSH session will use the first
algorithm which both the client and server support. See the Release Notes for
the list of algorithms supported in this release.
- Default: Type
?
to see the default algorithms for this release. - Values: Type
?
to see the supported values for this release.
- Default: Type
- hostkey-algorithms
- Enter the list of host key algorithms which the SSH server should
offer during session negotitation. Entries may be single values or a
comma-separated list in double quotes. The SSH session will use the first
algorithm which both the client and server support. See the Release Notes for
the list of algorithms supported in this release.
- Default: Type
?
to see the default algorithms for this release. - Values: Type
?
to see the supported values for this release.
- Default: Type
- keyex-algorithms
- Enter the list of key exchange algorithms which the SSH server
should offer during session negotitation. Entries may be single values or a
comma-separated list in double quotes. The SSH session will use the first
algorithm which both the client and server support. See the Release Notes for
the list of algorithms supported in this release.
- Default: Type
?
to see the default algorithms for this release. - Values: Type
?
to see the supported values for this release.
- Default: Type
- proto-neg-time
- Enter the number of seconds allocated for SSH session negotation.
- Default: 30
- Values: Min: 30 / Max: 60
- keep-alive-enable
- Enable or disable the TCP keep-alive timer.
- Default: enabled
- Values: enabled | disabled
- keep-alive-idle-timer
- Enter the number of seconds between the last data packet sent and
the first keep-alive probe.
- Default: 15
- Values: Min: 15 / Max: 1800
- keep-alive-interval
- Enter the number of seconds between two successive keep-alive
retransmissions.
- Default: 15
- Values: Min: 15 / Max: 120
- keep-alive-retries
- Enter the number of retransmissions before declaring the remote
end unavailable.
- Default: 2
- Values: Min: 2 / Max: 10
Path
ssh-config is an element under the security path. The full path from the topmost ACLI prompt is: .