63
suite-b
: Specifies the Suite B algorithms. If neither the 128-bit keyword nor the 192-bit keyword is
specified, all algorithms in Suite B are used. For more information about the Suite B algorithms, see
128-bit
: Specifies the 128-bit Suite B security level.
192-bit
: Specifies the 192-bit Suite B security level.
pki-domain
domain-name
: Specifies the PKI domain of the client's certificate. The
domain-name
argument represents the PKI domain name, a case-insensitive string of 1 to 31
characters. Invalid characters are tildes (~), asterisks (*), backslashes (\), vertical bars (|), colons (:),
dots (.), angle brackets (< >), quotation marks ("), and apostrophes (').
server-pki-domain
domain-name
: Specifies the PKI domain for verifying the server's
certificate. The
domain-name
argument represents the PKI domain name, a case-insensitive string
of 1 to 31 characters. Invalid characters are tildes (~), asterisks (*), backslashes (\), vertical bars (|),
colons (:), dots (.), angle brackets (< >), quotation marks ("), and apostrophes ('). If you do not specify
the server's PKI domain, the client uses the PKI domain of its own certificate to verify the server's
certificate.
prefer-compress
: Specifies the preferred compression algorithm for data compression between
the server and the client. By default, compression is not supported.
zlib
: Specifies compression algorithm zlib.
dscp
dscp-value
: Specifies the DSCP value in the IPv4 SSH packets. The value range for the
dscp-value
argument is 0 to 63, and the default value is 48. The DSCP value determines the
transmission priority of the packet.
escape
character
: Specifies a case-sensitive escape character. By default, the escape
character is a tilde (~).
source
: Specifies a source IP address or source interface for SSH packets. By default, the device
uses the primary IPv4 address of the output interface in the routing entry as the source address of
SSH packets. As a best practice to ensure successful Stelnet connections, specify a loopback
interface as the source interface or specify the IPv4 address a loopback interface as the source
address.
•
interface interface-type interface-number
: Specifies a source interface by its
type and number. The primary IPv4 address of this interface is the source IPv4 address of the
SSH packets.
•
ip
ip-address
: Specifies a source IPv4 address.
Usage guidelines
Table 10 Suite B algorithms
Security
level
Key exchange
algorithm
Encryption algorithm
and HMAC algorithm
Public key algorithm
128-bit
ecdh-sha2-nistp256
AES128-GCM
x509v3-ecdsa-sha2-nistp256
192-bit
ecdh-sha2-nistp384
AES256-GCM
x509v3-ecdsa-sha2-nistp384
Both
ecdh-sha2-nistp256
ecdh-sha2-nistp384
AES128-GCM
AES256-GCM
x509v3-ecdsa-sha2-nistp256
x509v3-ecdsa-sha2-nistp384
The combination of an escape character and a dot (.) works as an escape sequence. This escape
sequence is typically used to quickly terminate an SSH connection when the server reboots or
malfunctions.
For the escape sequence to take effect, you must enter it at the very beginning of a line. If you have
entered other characters or performed operations in a line, enter the escape sequence in the next
Содержание SOHO IE4300
Страница 114: ...ii tftp client ipv6 source 41 tftp client source 41 tftp ipv6 42 tftp server acl 44 tftp server ipv6 acl 44...
Страница 285: ...i Contents Tcl commands 1 cli 1 tclquit 1 tclsh 2...
Страница 288: ...i Contents Python commands 1 exit 1 python 1 python filename 2...
Страница 291: ...i Contents Automatic configuration commands 1 autodeploy udisk enable 1...
Страница 323: ...25 Sysname Ten GigabitEthernet1 0 51 undo shutdown Related commands irf port...
Страница 396: ...i Contents Bulk interface configuration commands 1 display interface range 1 interface range 1 interface range name 3...
Страница 460: ...i Contents Port isolation commands 1 display port isolate group 1 port isolate enable 2 port isolate group 2...
Страница 465: ...ii stp vlan enable 55 vlan mapping modulo 55...
Страница 589: ...60 Examples Enable LLDP for automatic IP phone discovery Sysname system view Sysname voice vlan track lldp...
Страница 602: ...12 Related commands display mvrp statistics...
Страница 609: ...i Contents VLAN mapping commands 1 display vlan mapping 1 vlan mapping 2...
Страница 678: ...9 Related commands reset pppoe relay statistics...
Страница 846: ...i Contents Basic IP forwarding commands 1 display fib 1 ip forwarding table save 2...
Страница 1073: ...i Contents HTTP redirect commands 1 http redirect https port 1 http redirect ssl server policy 1...
Страница 1087: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 1340: ...9 Sysname ipv6 route static default preference 120 Related commands display ipv6 routing table protocol...
Страница 1649: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 1668: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 1770: ...i Contents Time range commands 1 display time range 1 time range 1...
Страница 2026: ...34 Related commands display mac authentication...
Страница 2028: ...ii...
Страница 2143: ...i Contents User profile commands 1 display user profile 1 user profile 2...
Страница 2308: ...61 ipsec transform set...
Страница 2473: ...i Contents TCP attack prevention commands 1 tcp anti naptha enable 1 tcp check state interval 1 tcp state 2...
Страница 2531: ...i Contents SAVI commands 1 ipv6 savi down delay 1 ipv6 savi log enable 1 ipv6 savi strict 2...
Страница 2534: ...3 Sysname ipv6 savi strict Related commands ipv6 verify source...
Страница 2541: ...i Contents Crypto engine commands 1 display crypto engine 1 display crypto engine statistics 1 reset crypto engine statistics 3...
Страница 2545: ...i Contents FIPS commands 1 display crypto version 1 display fips status 1 fips mode enable 2 fips self test 4...
Страница 2791: ...14 Sysname track 1 Related commands delay display track...
Страница 2939: ...9 sntp authentication keyid sntp reliable authentication keyid...
Страница 2967: ...27 Related commands apply poe profile poe enable poe max power interface view poe priority...
Страница 3240: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 3263: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...