ssh
ip/ssh
Package: security
Type: Settings Directory
| Argument | Type | Description |
|---|---|---|
| ciphers | multi { array-id, enum (aes-gcm | aes-ctr | aes-cbc | 3des-cbc | null | auto) { aes-gcm:ssh::config::CIPHER_AES_GCM, aes-ctr:ssh::config::CIPHER_AES_CTR, aes-cbc:ssh::config::CIPHER_AES_CBC, 3des-cbc:ssh::config::CIPHER_3DES_CBC, null:ssh::config::CIPHER_NULL, auto:ssh::config::CIPHER_AUTO } } | allowed cipher list |
| forwarding-enabled | enum (no | local | remote | both) | control which forwarding is allowed |
| password-authentication | enum (yes | no | yes-if-no-key) | |
| publickey-authentication-options | enum (none | touch-required | verify-required) | |
| strong-crypto | bool | use stronger encryption, HMAC algorithms, use bigger DH primes and disallow weaker ones |
| host-key-size | enum (1024 | 1536 | 2048 | 4096 | 8192) | RSA key size when host key is regenerated |
| host-key-type | enum (rsa | ed25519) |
ip/ssh/export-host-key
Package: security
Type: Command
| Argument | Type | Description |
|---|---|---|
| key-file-prefix | string | |
| passphrase | string |
ip/ssh/import-host-key
Package: security
Type: Command
| Argument | Type | Description |
|---|---|---|
| private-key-file | file | |
| passphrase | string |
ip/ssh/regenerate-host-key
Package: security
Type: Command