ip ssh
Syntax
ip ssh [cipher <cipher-type>] [mac <mac–type>] [port <1-65535|default>] [timeout <5-120>]
[no] ip ssh [cipher <cipher-type>] [mac <mac–type>]
Description
Enables SSH on the switch.
The
no
form of the command disables SSH on the switch.
Options
[cipher <cipher-type>]
Specify a cipher type to use for connection.
Valid types are:
-
aes128-cbc
-
3des-cbc
-
aes192-cbc
-
aes256-cbc
-
aes128-ctr
-
aes192-ctr
-
aes256-ctr
Default: All cipher types are available.
Use the
no
form of the command to disable a cipher type.
[filetransfer]
Enable/disable secure file transfer capability.
SCP and SFTP secure file transfer will not function unless SSH is also enabled.
[mac <mac–type>]
Allows configuration of the set of MACs that can be selected.
Valid types are:
-
hmac-md5
-
hmac-sha1
-
hmac-sha1-96
-
hmac-md5-96
Default: All MAC types are available.
Use the
no
form of the command to disable a MAC type.
[port <1-65535|default>]
The TCP port number for SSH connections.
Default: 22.
[timeout <5-120>]
Sets the maximum length of time (in seconds) allowed for initial protocol negotiation and authentication.
Default: 120 seconds
Hewlett Packard Enterprise recommends using the default TCP port number (22). However, you can use the
ip ssh port
command to specify any TCP port for SSH connections except those reserved for other purposes. Examples of reserved port numbers reserved IP ports are 23 (Telnet) and 80 (http). Some other reserved TCP ports on the switch are 49, 80, 1506, and 1513.