Index  |  Top  -  Up Data ONTAP 8.3

security ssh show

Display SSH configuration options

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

This command displays the configurations of the SSH key exchange algorithms and ciphers for the cluster and Vservers. The SSH protocol uses a Diffie-Hellman based key exchange method to establish a shared secret key during the SSH negotiation phrase. The key exchange method specifies how one-time session keys are generated for encryption and authentication and how the server authentication takes place. Data ONTAP supports the diffie-hellman-group-exchange-sha256 key exchange algorithm for SHA-2. Data ONTAP also supports the diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, and diffie-hellman-group1-sha1 key exchange algorithms for SHA-1. Data ONTAP also supports the AES and 3DES symmetric encryptions (also known as ciphers) of the following types: aes256-ctr, aes192-ctr, aes128-ctr, aes256-cbc, aes192-cbc, aes128-cbc, and 3des-cbc.

Parameters

{  [-fields <fieldname>, ...]

If you specify the -fields <fieldname>, ... parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

|  [-instance ]  }

If you specify the -instance parameter, the command displays detailed information about all fields.

[-vserver <vserver name>] - Vserver

Identifies the Vserver for which you want to display the SSH key exchange algorithm and cipher configurations.

[-key-exchange-algorithms <algorithm name>, ...] - Key Exchange Algorithms

Displays the Vserver or Vservers that have the specified key exchange algorithms enabled.

[-ciphers <cipher name>, ...] - Ciphers

Displays the Vserver or Vservers that have the specified ciphers enabled.

Examples

The following command displays the enabled SSH key exchange algorithms and ciphers for the cluster and all Vservers. The cluster settings are used as the default for all newly created Vservers.
cluster1::> security ssh show
Vserver         Ciphers      Key Exchange Algorithms
--------------- ------------ -----------------------------------------
cluster1        aes256-ctr,  diffie-hellman-group-exchange-sha256
                aes192-ctr,
                aes128-ctr
vs0             aes256-ctr,  diffie-hellman-group-exchange-sha256
                aes192-ctr,
                aes128-ctr
vs1             aes256-ctr,  diffie-hellman-group-exchange-sha256,
                aes192-ctr,  diffie-hellman-group-exchange-sha1,
                aes128-ctr,  diffie-hellman-group14-sha1,
                aes256-cbc,  diffie-hellman-group1-sha1
                aes192-cbc,
                aes128-cbc,
                3des-cbc
3 entries were displayed.

Index  |  Top  -  Up Data ONTAP 8.3

Copyright © 1994-2015 NetApp, Inc. Legal Information