McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 135

↗ View in doc context
page
135
source
cucm/v15/security-guide/security-guide.md
chunk_id
cucm::v15::security-guide::security-guide::129

For more information about OpenSSL cipher string format, see https://www.openssl.org/docs/man1.0.2/apps/ciphers.html. Step 4 To configure the cipher string in the SSH Ciphers field, enter the cipher string in OpenSSH cipher string format in the Cipher String field. For more information about OpenSSH cipher string format for SSH Ciphers, see https://www.ssh.com/manuals/ server-admin/44/Ciphers_and_MACs.html. If you don't configure any cipher string in the SSH Ciphers field, the following ciphers are applicable to all SSH connections by default: In FIPS mode: aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com In non-FIPS mode: aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com Step 5 To configure the key exchange algorithm in the SSH Key Exchange field, enter the algorithm string in OpenSSH string format in the Algorithm String field. For more information about OpenSSH algorithm string format for SSH Key Exchange, see the https://datatracker.ietf.org/ doc/rfc9142/. If you don't configure any key exchange algorithm in the SSH Key Exchange field, the following key exchange algorithms are applicable to all SSH connections by default: In FIPS mode: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 In non-FIPS mode: diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256, ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 Step 6 To configure MAC algorithm in the SSH MAC field, enter the algorithm string in OpenSSH string format in the Algorithm String field. For more information about OpenSSH algorithm string format for SSH MAC, see https://www.ssh.com/manuals/ server-admin/44/Ciphers_and_MACs.html. If you don't configure any MAC algorithm in the SSH MAC field, the following MAC algorithms are applicable to all SSH connections by default: In FIPS mode: hmac-sha1 In non-FIPS mode: hmac-sha1 Step 7 Click Save. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 117 Basic System Security Configure Cipher String