DETAILED STEPS
Purpose
Command or Action
Enters the global configuration mode.
configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#?
Enables all supported KexAlgorithms which are the key
exchange methods that are used to generate per-connection
keys.
(Optional)
ssh kexalgos all
Example:
switch(config)# ssh kexalgos all
Step 2
Supported KexAlgorithmns are:
• curve25519-sha256
• diffie-hellman-group-exchange-sha256
• diffie-hellman-group14-sha1
• diffie-hellman-group1-sha1
• ecdh-sha2-nistp256
• ecdh-sha2-nistp384
• ecdh-sha2-nistp521
Enables all supported MACs which are the message
authentication codes used to detect traffic modification.
(Optional)
ssh macs all
Example:
Step 3
Supported MACs are:
switch(config)# ssh macs all
• hmac-sha1
• hmac-sha2-256
• hmac-sha2-512
Enables all supported ciphers to encrypt the connection.
(Optional)
ssh ciphers all
Step 4
Example:
Supported ciphers are:
switch(config)# ssh ciphers all
• aes128-cbc
• aes192-cbc
• aes256-cbc
• aes128-ctr
• aes192-ctr
• aes256-ctr
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
142
Configuring SSH and Telnet
Configuring Legacy SSH Algorithm Support