Filter
Top Products
40
Enhancements
Release R.11.14 Enhancements
Displaying the SSH Information
The show ip ssh command has been enhanced to display information about ciphers, MACs, and key
types and sizes.
ProCurve(config)# show ip ssh
SSH Enabled : No Secure Copy Enabled : No
TCP Port Number : 22 Timeout (sec) : 120
IP Version : IPv4orIPv6
Host Key Type : RSA Host Key Size : 1024
Ciphers : aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,
rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
MACs : hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
Ses Type | Source IP Port
--- -------- + ---------------------------------------------- -----
1 console |
2 inactive |
3 inactive |
4 inactive |
5 inactive |
6 inactive |
Figure 3. Example of show ip ssh Command Showing Ciphers, MACs and Key Information
Logging Messages
There are new event log messages when a new key is generated and zeroized for the server:
ssh: New <num-bits> -bit [rsa | dsa] SSH host key installed
ssh: SSH host key zeroized
There are also new messages that indicates when a client public key is installed or removed:
ssh: <num-bits>-bit [rsa | dsa] client public key [installed | removed] ([manager| operator] access)
(key_comment)
Note: Only up to 39 characters of the key comment are included in the event log message.
Debug Logging
To add ssh messages to the debug log output, enter this command:
ProCurve# debug ssh LOGLEVEL
where LOGLEVEL is one of the following (in order of increasing verbosity):
•fatal
• error