show ssh server

Syntax

show ssh server [vrf <VRF-NAME> | all-vrfs] [vsx-peer]

Description

Shows the SSH server configuration for the specified VRF. Administrators can show the server configuration of all VRFs by using the all-vrfs parameter. If no VRF name is provided in this command, the command shows the SSH server configuration on the default VRF.

When ssh certified-algorithms-only is enabled, command output is adjusted to reflect the algorithms available.

Command context

Operator (>) or Manager (#)

Parameters

all-vrfs

Selects all VRFs.

vrf <VRF-NAME>

Specifies a particular VRF name. The name can be default, mgmt, or a configured VRF instance.

[vsx-peer]

Shows the output from the VSX peer switch. If the switches do not have the VSX configuration or the ISL is down, the output from the VSX peer switch is not displayed.

Authority

Operators or Administrators. Users without administrator authority can execute this command from the operator context (>) only.

Examples

Showing the SSH server configuration on the default VRF:

switch# show ssh server

SSH server configuration on VRF default :

    IP Version      : IPv4 and IPv6        SSH Version          : 2.0
    TCP Port        : 22                   Grace Timeout (sec)  : 120
    Host-keys       : ECDSA, ED25519, RSA

    Ciphers   :  chacha20-poly1305@openssh.com,
                 aes128-ctr,aes192-ctr,aes256-ctr,
                 aes128-gcm@openssh.com,aes256-gcm@openssh.com

    MACs      :  umac-64-etm@openssh.com,umac-128-etm@openssh.com,
                 hmac-sha2-256-etm@openssh.com,
                 hmac-sha2-512-etm@openssh.com,
                 hmac-sha1-etm@openssh.com, umac-64@openssh.com,
                 umac-128@openssh.com,
                 hmac-sha2-256,hmac-sha2-512,hmac-sha1

Showing the SSH server configuration on the default VRF when ssh certified-algorithms-only is enabled:

switch# show ssh server

SSH server configuration on VRF default :

    IP Version      : IPv4 and IPv6        SSH Version          : 2.0
    TCP Port        : 22                   Grace Timeout (sec)  : 120
    Host-keys       : ECDSA, RSA

    Ciphers         :  aes128-ctr,aes256-ctr,aes256-cbc

    MACs            :  hmac-sha2-256,hmac-sha2-512,hmac-sha1

    KexAlgorithms   :  ecdh-sha2-nistp256,ecdh-sha2-nistp384,
                       ecdh-sha2-nistp521,diffie-hellman-group14-sh1

Showing the SSH server configuration on a particular VRF (management):

switch# show ssh server vrf mgmt

SSH server configuration on VRF mgmt :

    IP Version      : IPv4 and IPv6        SSH Version          : 2.0
    TCP Port        : 22                   Grace Timeout (sec)  : 120
    Host-keys       : ECDSA, ED25519, RSA

    Ciphers   :  chacha20-poly1305@openssh.com,
                 aes128-ctr,aes192-ctr,aes256-ctr,
                 aes128-gcm@openssh.com,aes256-gcm@openssh.com

    MACs      :  umac-64-etm@openssh.com,umac-128-etm@openssh.com,
                 hmac-sha2-256-etm@openssh.com,
                 hmac-sha2-512-etm@openssh.com,
                 hmac-sha1-etm@openssh.com, umac-64@openssh.com,
                 umac-128@openssh.com,
                 hmac-sha2-256,hmac-sha2-512,hmac-sha1

Showing the SSH server configuration for all VRFs:

switch# show ssh server all-vrfs

SSH server configuration on VRF 3 :

    IP Version      : IPv4 and IPv6        SSH Version          : 2.0
    TCP Port        : 22                   Grace Timeout (sec)  : 120
    Host-keys       : ECDSA, ED25519, RSA

    Ciphers   :  chacha20-poly1305@openssh.com,
                 aes128-ctr,aes192-ctr,aes256-ctr,
                 aes128-gcm@openssh.com,aes256-gcm@openssh.com

    MACs      :  umac-64-etm@openssh.com,umac-128-etm@openssh.com,
                 hmac-sha2-256-etm@openssh.com,
                 hmac-sha2-512-etm@openssh.com,
                 hmac-sha1-etm@openssh.com, umac-64@openssh.com,
                 umac-128@openssh.com,
                 hmac-sha2-256,hmac-sha2-512,hmac-sha1


SSH server configuration on VRF default :

    IP Version      : IPv4 and IPv6        SSH Version          : 2.0
    TCP Port        : 22                   Grace Timeout (sec)  : 120
    Host-keys       : ECDSA, ED25519, RSA

    Ciphers   :  chacha20-poly1305@openssh.com,
                 aes128-ctr,aes192-ctr,aes256-ctr,
                 aes128-gcm@openssh.com,aes256-gcm@openssh.com

    MACs      :  umac-64-etm@openssh.com,umac-128-etm@openssh.com,
                 hmac-sha2-256-etm@openssh.com,
                 hmac-sha2-512-etm@openssh.com,
                 hmac-sha1-etm@openssh.com, umac-64@openssh.com,
                 umac-128@openssh.com,
                 hmac-sha2-256,hmac-sha2-512,hmac-sha1


SSH server configuration on VRF mgmt :

    IP Version      : IPv4 and IPv6        SSH Version          : 2.0
    TCP Port        : 22                   Grace Timeout (sec)  : 120
    Host-keys       : ECDSA, ED25519, RSA

    Ciphers   :  chacha20-poly1305@openssh.com,
                 aes128-ctr,aes192-ctr,aes256-ctr,
                 aes128-gcm@openssh.com,aes256-gcm@openssh.com

    MACs      :  umac-64-etm@openssh.com,umac-128-etm@openssh.com,
                 hmac-sha2-256-etm@openssh.com,
                 hmac-sha2-512-etm@openssh.com,
                 hmac-sha1-etm@openssh.com, umac-64@openssh.com,
                 umac-128@openssh.com,
                 hmac-sha2-256,hmac-sha2-512,hmac-sha1