Restriction for SSH Algorithms for Common Criteria Certification
Starting from Cisco IOS XE Amsterdam 17.1.1, SHA1 is not supported.
This section provides information about the Secure Shell (SSH) Algorithms for Common Criteria Certification, the Cisco IOS SSH server algorithms, and the Cisco IOS SSH client algorithms.
A Secure Shell (SSH) configuration enables a Cisco IOS SSH server and client to authorize the negotiation of only those algorithms that are configured in the allowed list, and the priority of the algorithms is based on the user configuration. If a remote party tries to negotiate using only algorithms that are not part of the allowed list, the request is rejected and the session is not established.
Cisco IOS secure shell (SSH) servers support the following encryption algorithms: Advanced Encryption Standard Counter Mode (AES-CTR), AES Cipher Block Chaining (AES-CBC), Triple Data Encryption Standard (3DES), and AES Galois/Counter Mode (AES-GCM). The algorithms are supported in the following order:
Supported Default Encryption Order:
chacha20-poly1305@openssh.com
aes128-gcm@openssh.com
aes256-gcm@openssh.com
aes128-gcm
aes256-gcm
aes128-ctr
aes192-ctr
aes256-ctr
Supported Non-Default Encryption:
aes128-cbc
aes192-cbc
aes256-cbc
3des-cbc
Cisco IOS SSH servers support the Message Authentication Code (MAC) algorithms in the following order:
Supported Default HMAC Order:
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
Supported Non-Default HMAC:
hmac-sha1
hmac-sha2-256
hmac-sha2-512
Cisco IOS SSH servers support the host key algorithms in the following order:
Supported Default Host Key Order:
rsa-sha2-512
rsa-sha2-256
ssh-rsa
Supported Non-Default Host Key:
x509v3-ssh-rsa
Cisco IOS SSH servers support the Key Exchange (KEX) DH Group algorithms in the following default order:
Supported Default KEX DH Group Order:
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
Supported Non-Default KEX DH Group:
diffie-hellman-group14-sha1
Cisco IOS SSH servers support the public key algorithms in the following default order:
Supported Default Public Key Order:
ssh-rsa
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-ed25519
x509v3-ecdsa-sha2-nistp256
x509v3-ecdsa-sha2-nistp384
x509v3-ecdsa-sha2-nistp521
rsa-sha2-256
rsa-sha2-512
x509v3-rsa2048-sha256
Supported Non-Default Public Key:
x509v3-ssh-rsa
Cisco IOS secure shell (SSH) clients support the following encryption algorithms: Advanced Encryption Standard Counter Mode (AES-CTR), AES Cipher Block Chaining (AES-CBC), Triple Data Encryption Standard (3DES), and AES Galois/Counter Mode (AES-GCM). The algorithms are supported in the following order:
Supported Default Encryption Order:
chacha20-poly1305@openssh.com
aes128-gcm@openssh.com
aes256-gcm@openssh.com
aes128-gcm
aes256-gcm
aes128-ctr
aes192-ctr
aes256-ctr
Supported Non-Default Encryption:
aes128-cbc
aes192-cbc
aes256-cbc
3des-cbc
Cisco IOS SSH clients support the Message Authentication Code (MAC) algorithms in the following order:
Supported Default HMAC Order:
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
Supported Non-Default HMAC:
hmac-sha1
hmac-sha2-256
hmac-sha2-512
Cisco IOS SSH clients support the Key Exchange (KEX) DH Group algorithms in the following default order:
Supported Default KEX DH Group Order:
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
Supported Non-Default KEX DH Group:
diffie-hellman-group14-sha1
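The allowed-list negotiation described at the start of this section, as an added example that is not part of the Cisco documentation: it encodes the server default lists from this page and applies the RFC 4253 selection rule (the first algorithm in the client's list that the server also allows), which this page does not spell out and is assumed here, to show a legacy-cipher-only client being rejected.

```python
# Added example (not Cisco's code): simulates the SSH algorithm negotiation
# described above against the server default lists from this page. Selection
# follows RFC 4253 section 7.1: the first algorithm in the client's list that
# the server also allows is chosen; with no common algorithm the session fails.

SERVER_DEFAULTS = {  # Cisco IOS SSH server default orders as listed on this page
    "encryption": [
        "chacha20-poly1305@openssh.com", "aes128-gcm@openssh.com",
        "aes256-gcm@openssh.com", "aes128-gcm", "aes256-gcm",
        "aes128-ctr", "aes192-ctr", "aes256-ctr",
    ],
    "mac": ["hmac-sha2-256-etm@openssh.com", "hmac-sha2-512-etm@openssh.com"],
    "kex": [
        "curve25519-sha256", "curve25519-sha256@libssh.org",
        "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521",
        "diffie-hellman-group14-sha256", "diffie-hellman-group16-sha512",
    ],
    "hostkey": ["rsa-sha2-512", "rsa-sha2-256", "ssh-rsa"],
}


def choose(client_list, server_list):
    """First client-preferred algorithm that the server allows, or None."""
    allowed = set(server_list)
    for name in client_list:
        if name in allowed:
            return name
    return None


def negotiate(client_offer, server_allowed=SERVER_DEFAULTS):
    """Chosen algorithm per category, or None if any category has no match."""
    chosen = {}
    for category, client_list in client_offer.items():
        picked = choose(client_list, server_allowed[category])
        if picked is None:
            return None  # no common algorithm: session is not established
        chosen[category] = picked
    return chosen


# Constructed client KEXINIT offers: a modern client and a legacy-cipher-only one.
MODERN_CLIENT = {
    "encryption": ["aes256-ctr", "aes128-ctr"],
    "mac": ["hmac-sha2-512-etm@openssh.com", "hmac-sha1"],
    "kex": ["ecdh-sha2-nistp256", "curve25519-sha256"],
    "hostkey": ["rsa-sha2-256"],
}
LEGACY_CLIENT = {**MODERN_CLIENT, "encryption": ["3des-cbc", "aes128-cbc"]}
```

`negotiate(MODERN_CLIENT)` returns the client's first choice in every category, while `negotiate(LEGACY_CLIENT)` returns None because neither 3des-cbc nor aes128-cbc is in the server's default encryption list.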
This section provides information on how to configure and troubleshoot:
Encryption key algorithm for a Cisco IOS SSH server and client
MAC algorithm for a Cisco IOS SSH server and client
Key Exchange DH Group algorithm for a Cisco IOS SSH server and client
Public Key algorithm for a Cisco IOS SSH server
Host Key algorithm for a Cisco IOS SSH server
Configuring an Encryption Key Algorithm for a Cisco IOS SSH Server and Client

Command or Action | Purpose
---|---
Step 1: enable | Enables privileged EXEC mode. Enter your password, if prompted.
Step 2: configure terminal | Enters global configuration mode.
Step 3: ip ssh {server \| client} algorithm encryption {3des-cbc \| aes128-cbc \| aes128-ctr \| aes128-gcm \| aes128-gcm@openssh.com \| aes192-cbc \| aes192-ctr \| aes256-cbc \| aes256-ctr \| aes256-gcm \| aes256-gcm@openssh.com \| chacha20-poly1305@openssh.com} | Defines the order of encryption algorithms in the SSH server and client. This order is presented during algorithm negotiation.
Step 4: end | Exits global configuration mode and returns to privileged EXEC mode.

Troubleshooting Tips
If you try to disable the last encryption algorithm in the configuration, the following message is displayed and the command is rejected:
% SSH command rejected: All encryption algorithms cannot be disabled
Configuring a MAC Algorithm for a Cisco IOS SSH Server and Client

Command or Action | Purpose
---|---
Step 1: enable | Enables privileged EXEC mode. Enter your password, if prompted.
Step 2: configure terminal | Enters global configuration mode.
Step 3: ip ssh {server \| client} algorithm mac {hmac-sha1 \| hmac-sha2-256 \| hmac-sha2-256-etm@openssh.com \| hmac-sha2-512 \| hmac-sha2-512-etm@openssh.com} | Defines the order of Message Authentication Code (MAC) algorithms in the SSH server and client. This order is presented during algorithm negotiation.
Step 4: end | Exits global configuration mode and returns to privileged EXEC mode.

Troubleshooting Tips
If you try to disable the last MAC algorithm in the configuration, the following message is displayed and the command is rejected:
% SSH command rejected: All mac algorithms cannot be disabled
Configuring a Key Exchange DH Group Algorithm for a Cisco IOS SSH Server and Client

Command or Action | Purpose
---|---
Step 1: enable | Enables privileged EXEC mode. Enter your password, if prompted.
Step 2: configure terminal | Enters global configuration mode.
Step 3: ip ssh {server \| client} algorithm kex {curve25519-sha256 \| curve25519-sha256@libssh.org \| diffie-hellman-group14-sha1 \| diffie-hellman-group14-sha256 \| diffie-hellman-group16-sha512 \| ecdh-sha2-nistp256 \| ecdh-sha2-nistp384 \| ecdh-sha2-nistp521} | Defines the order of Key Exchange algorithms in the SSH server and client. This order is presented during algorithm negotiation.
Step 4: end | Exits global configuration mode and returns to privileged EXEC mode.

Troubleshooting Tips
If you try to disable the last Key Exchange algorithm in the configuration, the following message is displayed and the command is rejected:
% SSH command rejected: All KEX algorithms cannot be disabled
Configuring a Public Key Algorithm for a Cisco IOS SSH Server

Command or Action | Purpose
---|---
Step 1: enable | Enables privileged EXEC mode. Enter your password, if prompted.
Step 2: configure terminal | Enters global configuration mode.
Step 3: ip ssh server algorithm publickey {ecdsa-sha2-nistp256 \| ecdsa-sha2-nistp384 \| ecdsa-sha2-nistp521 \| rsa-sha2-256 \| rsa-sha2-512 \| ssh-ed25519 \| ssh-rsa \| x509v3-ecdsa-sha2-nistp256 \| x509v3-ecdsa-sha2-nistp384 \| x509v3-ecdsa-sha2-nistp521 \| x509v3-rsa2048-sha256 \| x509v3-ssh-rsa} | Defines the order of public key algorithms in the SSH server. This order is presented during algorithm negotiation.
Step 4: end | Exits global configuration mode and returns to privileged EXEC mode.

Troubleshooting Tips
If you try to disable the last public key algorithm in the configuration, the following message is displayed and the command is rejected:
% SSH command rejected: All public key algorithms cannot be disabled
Configuring a Host Key Algorithm for a Cisco IOS SSH Server

Command or Action | Purpose
---|---
Step 1: enable | Enables privileged EXEC mode. Enter your password, if prompted.
Step 2: configure terminal | Enters global configuration mode.
Step 3: ip ssh server algorithm hostkey {rsa-sha2-512 \| rsa-sha2-256 \| ssh-rsa \| x509v3-ssh-rsa} | Defines the order of host key algorithms. Only the configured algorithms are negotiated with the Cisco IOS secure shell (SSH) server.
Step 4: end | Exits global configuration mode and returns to privileged EXEC mode.

Troubleshooting Tips
If you try to disable the last host key algorithm in the configuration, the following message is displayed and the command is rejected:
% SSH command rejected: All hostkey algorithms cannot be disabled
This section provides configuration examples for SSH algorithms for Common Criteria Certification.

Example: Configuring Encryption Key Algorithms for a Cisco IOS SSH Server

```
Device> enable
Device# configure terminal
Device(config)# ip ssh server algorithm encryption 3des-cbc aes128-cbc aes128-ctr aes128-gcm aes128-gcm@openssh.com aes192-cbc aes192-ctr aes256-cbc aes256-ctr aes256-gcm aes256-gcm@openssh.com chacha20-poly1305@openssh.com
Device(config)# end
```

Example: Configuring Encryption Key Algorithms for a Cisco IOS SSH Client

```
Device> enable
Device# configure terminal
Device(config)# ip ssh client algorithm encryption 3des-cbc aes128-cbc aes128-ctr aes128-gcm aes128-gcm@openssh.com aes192-cbc aes192-ctr aes256-cbc aes256-ctr aes256-gcm aes256-gcm@openssh.com chacha20-poly1305@openssh.com
Device(config)# end
```

Example: Configuring MAC Algorithms for a Cisco IOS SSH Server

```
Device> enable
Device# configure terminal
Device(config)# ip ssh server algorithm mac hmac-sha1 hmac-sha2-256 hmac-sha2-256-etm@openssh.com hmac-sha2-512 hmac-sha2-512-etm@openssh.com
Device(config)# end
```

Example: Configuring Key Exchange DH Group Algorithms for a Cisco IOS SSH Server

```
Device> enable
Device# configure terminal
Device(config)# ip ssh server algorithm kex ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1 curve25519-sha256@libssh.org
Device(config)# end
```

Example: Configuring Public Key Algorithms for a Cisco IOS SSH Server

```
Device> enable
Device# configure terminal
Device(config)# ip ssh server algorithm publickey ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 rsa-sha2-256 rsa-sha2-512 ssh-ed25519 ssh-rsa x509v3-ecdsa-sha2-nistp256 x509v3-ecdsa-sha2-nistp384 x509v3-ecdsa-sha2-nistp521 x509v3-rsa2048-sha256 x509v3-ssh-rsa
Device(config)# end
```

The following example shows how to return to the default behavior, in which all public key algorithms are enabled in the predefined order:

```
Device> enable
Device# configure terminal
Device(config)# default ip ssh server algorithm publickey
Device(config)# end
```

Example: Configuring Host Key Algorithms for a Cisco IOS SSH Server

```
Device> enable
Device# configure terminal
Device(config)# ip ssh server algorithm hostkey x509v3-ssh-rsa rsa-sha2-512 rsa-sha2-256 ssh-rsa
Device(config)# end
```
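As an added defender-side check that is not part of the Cisco documentation: a small audit over `ip ssh {server | client} algorithm` configuration lines that flags the algorithms this page lists as non-default and reports where they sit in the configured order. The command syntax is the page's; the sample running configuration is constructed for the example.

```python
# Added example (not Cisco's code): audits "ip ssh ... algorithm" lines from a
# running configuration for the algorithms this page lists as non-default, so a
# reviewer can see which legacy options have been re-enabled and how early in the
# negotiation order they sit. The command syntax is from the page; the sample
# configuration below is constructed.
import re

LEGACY = {  # "Supported Non-Default" algorithms per category, as listed on this page
    "encryption": {"aes128-cbc", "aes192-cbc", "aes256-cbc", "3des-cbc"},
    "mac": {"hmac-sha1"},
    "kex": {"diffie-hellman-group14-sha1"},
    "hostkey": {"x509v3-ssh-rsa"},
    "publickey": {"x509v3-ssh-rsa"},
}

LINE_RE = re.compile(
    r"^ip ssh (?P<role>server|client) algorithm (?P<category>\w+) (?P<algs>.+)$"
)


def audit_config(config_text):
    """Return (role, category, algorithm, position) for every legacy algorithm.

    position is the 1-based index in the configured list, which is the order
    the device presents during algorithm negotiation.
    """
    findings = []
    for raw in config_text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue
        role, category = match.group("role"), match.group("category")
        for pos, alg in enumerate(match.group("algs").split(), start=1):
            if alg in LEGACY.get(category, set()):
                findings.append((role, category, alg, pos))
    return findings


# Constructed sample: a legacy cipher placed first, SHA-1 MAC and KEX re-enabled.
SAMPLE_CONFIG = """\
hostname edge-router
ip ssh server algorithm encryption 3des-cbc aes256-gcm@openssh.com aes256-ctr
ip ssh server algorithm mac hmac-sha2-256-etm@openssh.com hmac-sha1
ip ssh client algorithm kex curve25519-sha256 diffie-hellman-group14-sha1
ip ssh server algorithm hostkey rsa-sha2-512 rsa-sha2-256
"""

if __name__ == "__main__":
    for role, category, alg, pos in audit_config(SAMPLE_CONFIG):
        print(f"{role} {category}: legacy algorithm {alg} at position {pos}")
```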
Verifying SSH Algorithms for Common Criteria Certification

Command or Action | Purpose
---|---
Step 1: enable | Enables privileged EXEC mode. Enter your password, if prompted.
Step 2: show ip ssh | Displays the configured Secure Shell (SSH) encryption, host key, and Message Authentication Code (MAC) algorithms.
This table provides release and related information for the features explained in this module.
These features are available in all releases subsequent to the one in which they were introduced, unless noted otherwise.

Release | Feature | Feature Information
---|---|---
Cisco IOS XE Everest 16.5.1a | Secure Shell Algorithms for Common Criteria Certification | The SSH Algorithms for Common Criteria Certification feature provides the list and order of the algorithms that are allowed for Common Criteria Certification. This module describes how to configure the encryption, Message Authentication Code (MAC), and host key algorithms for a secure shell (SSH) server and client so that SSH connections can be limited on the basis of the allowed algorithms list.
Cisco IOS XE Cupertino 17.7.1 | Secure Shell Algorithms for Common Criteria Certification | Support for this feature was introduced on the Cisco Catalyst 9600 Series Supervisor 2 Module (C9600X-SUP-2).
Cisco IOS XE Cupertino 17.8.1 | Secure Shell Encryption Algorithms | Cisco IOS SSH server and client support for the following encryption algorithms was introduced:
Cisco IOS XE Cupertino 17.9.1 | Secure Shell Encryption Algorithms | Cisco IOS SSH server and client support for the following encryption algorithms was introduced:
Use the Cisco Feature Navigator to find information about platform and software image support. To access Cisco Feature Navigator, go to Cisco Feature Navigator.