show ssh-kex

In the R81.10.X releases, this command is available starting from the R81.10.05 version.

Description

Starting in R81.10.x, OpenSSH is used for the SSH server (sshd) instead of Dropbear. OpenSSH enables you to configure which encryption algorithms to use for each stage of the connection, using a config file. Add/delete algorithms from a predefined list.

These are the encryption categories, each with multiple supported algorithms:

  • Kex - Key Exchange Algorithms, the key exchange methods that are used to generate per-connection keys.

  • Ciphers - The ciphers used to encrypt the connection.

  • MACs - Specified the available MAC (message authentication code) algorithms.

Syntax

show ssh-kex

Parameters

Parameter

Description

kex

  • curve25519-sha256

  • curve25519-sha256@libssh.org

  • ecdh-sha2-nistp521

  • ecdh-sha2-nistp384

  • ecdh-sha2-nistp256

  • diffie-hellman-group14-sha256

  • diffie-hellman-group14-sha1

  • diffie-hellman-group16-sha512

  • diffie-hellman-group18-sha512

  • diffie-hellman-group-exchange-sha256

Example Output

curve25519-sha256

curve25519-sha256@libssh.org

ecdh-sha2-nistp521

ecdh-sha2-nistp384

ecdh-sha2-nistp256

diffie-hellman-group14-sha256

diffie-hellman-group14-sha1

diffie-hellman-group16-sha512

diffie-hellman-group18-sha512

diffie-hellman-group-exchange-sha256