ssh client hmac

Function

The ssh client hmac command configures HMAC authentication algorithms on an SSH client.

The undo ssh client hmac command restores the default HMAC authentication algorithms on an SSH client.

By default, the SSH client supports these HMAC authentication algorithms: SHA2_51 and SHA2_256.

Format

ssh client hmac { md5 | md5_96 | sha1 | sha1_96 | sha2_256 | sha2_256_96 | sha2_512 } *

undo ssh client hmac

Parameters

Parameter Description Value
md5

Specifies an HMAC MD5 authentication algorithm.

-
md5_96

Specifies an HMAC MD5_96 algorithm.

-
sha1

Specifies an HMAC SHA1 algorithm.

-
sha1_96

Specifies an HMAC SHA1_96 algorithm.

-
sha2_256

Specifies an HMAC SHA1 algorithm. This algorithm is recommended.

-
sha2_256_96

Specifies an HMAC SHA2_256_96 authentication algorithm.

-
sha2_512

Specifies an HMAC SHA2_512 authentication algorithm.

-

Views

System view

Default Level

3: Management level

Task Name and Operations

Task Name Operations
ssh-client write

Usage Guidelines

Usage Scenario

To configure HMAC authentication algorithms on an SSH client, run the ssh client hmac command. The SSH client and server negotiate authentication algorithms for the packets exchanged between them. During negotiation, the client sends its authentication algorithms to the server. After comparing the received authentication algorithms with local ones, the server selects the first matching authentication algorithm received for packet transmission. If no matching authentication algorithm is found, the negotiation fails.

Precautions

  • To ensure high security, you can use the HMAC authentication algorithms such as: sha2_256, sha2_512.This command takes effect for both IPv4 and IPv6 SSH clients.

Example

# Configure an HMAC SHA2_256 authentication algorithm.
<HUAWEI> system-view
[~HUAWEI] ssh client hmac sha2_256
Parent Topic: SSH Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >