ciphers

This command specifies the cipher suites that the appliance accepts for SSH encryption.

Syntax

Add a cipher.: ciphers cipher-string
Delete a cipher.: no ciphers cipher-string

Parameters

cipher-string

Specifies the ciphers allowed by OpenSSH version 2 to use in SSH communication. The order of cipher suites is important. The server compares its list to the client's list in order of preference. The first cipher suite in the client's list is chosen when it is also supported by the server.

The cipher suites in the following list are supported and all are default values. You can change the preference order of cipher suites.

CHACHA20-POLY1305_AT_OPENSSH.COM
AES128-CTR
AES192-CTR
AES256-CTR
AES128-GCM_AT_OPENSSH.COM
AES256-GCM_AT_OPENSSH.COM
ARCFOUR256
ARCFOUR128
AES128-CBC
3DES-CBC
BLOWFISH-CBC
CAST128-CBC
AES192-CBC
AES256-CBC
ARCFOUR
RIJNDAEL-CBC_AT_LYSATOR.LIU.SE

Guidelines

To specify multiple ciphers, run this command for each cipher. Adding new ciphers does not delete existing ones. New ciphers are always appended to the list.

Use the no ciphers command to clear all defined ciphers. When cleared, the SSH profile uses its default ciphers.