Configuring Supported SSH Ciphers and MACs

Important:

Background

You can configure different settings for the SSH daemon on the Gaia Operating System.

You can configure these SSH settings in Gaia ClishClosed The name of the default command line shell in Check Point Gaia operating system. This is a restricted shell (role-based administration controls the number of commands available in the shell).:

Available SSH Settings

Setting

Description

SSH Ciphers

SSH uses ciphers for privacy of data it sends over an SSH connection.

SSH Message Authentication Codes

SSH uses Message Authentication Codes to maintain the integrity of each message it sends over and SSH connection. This provides integrity between SSH peers.

Complete Syntax

set ssh server
      cipher <Cipher> {on | off}
      mac <Message Authentication Code> {on | off}
show ssh server
      cipher enabled
      cipher supported
      mac enabled
      mac supported

Syntax for SSH Ciphers

  • To view the supported SSH Ciphers:

    show ssh server cipher supported

  • To view the enabled SSH Ciphers:

    show ssh server cipher enabled

  • To enable or disable the supported SSH Ciphers:

    set ssh server cipher <Cipher> {on | off}

    Important - After you add, configure, or delete features, run the "save config" command to save the settings permanently.

Syntax for SSH Message Authentication Codes (MACs)

  • To view the supported SSH Message Authentication Codes:

    show ssh server mac supported

  • To view the enabled SSH Message Authentication Codes:

    show ssh server mac enabled

  • To enable or disable the supported SSH Message Authentication Codes:

    set ssh server mac <Message Authentication Code> {on | off}

    Important - After you add, configure, or delete features, run the "save config" command to save the settings permanently.