# ssh2 algorithm key-exchange

Use ssh2 algorithm key-exchange to specify key exchange algorithms for SSH2.

Use undo ssh2 algorithm key-exchange to restore the default.

## Syntax

In non-FIPS mode:

ssh2 algorithm key-exchange { dh-group-exchange-sha1 | dh-group1-sha1 | dh-group14-sha1 | ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } *

undo ssh2 algorithm key-exchange

In FIPS mode:

ssh2 algorithm key-exchange { dh-group14-sha1 | ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } *

undo ssh2 algorithm key-exchange

## Default

SSH2 uses key exchange algorithms ecdh-sha2-nistp256, ecdh-sha2-nistp384, diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1, and diffie-hellman-group1-sha1 in descending order of priority for algorithm negotiation.

## Views

System view

## Predefined user roles

network-admin

mdc-admin

## Parameters

dh-group-exchange-sha1: Specifies key exchange algorithm diffie-hellman-group-exchange-sha1.

dh-group1-sha1: Specifies key exchange algorithm diffie-hellman-group1-sha1.

dh-group14-sha1: Specifies key exchange algorithm diffie-hellman-group14-sha1.

ecdh-sha2-nistp256: Specifies key exchange algorithm ecdh-sha2-nistp256.

ecdh-sha2-nistp384: Specifies key exchange algorithm ecdh-sha2-nistp384.

## Usage guidelines

If you specify the key exchange algorithms, SSH2 uses only the specified algorithms for algorithm negotiation. The algorithm specified earlier has a higher priority during negotiation.

## Examples

# Specify algorithm **dh-group1-sha1** as the key exchange algorithm for SSH2.

<Sysname> system-view [Sysname] ssh2 algorithm key-exchange dh-group1-sha1

## Related commands

display ssh2 algorithm

ssh2 algorithm cipher

ssh2 algorithm mac

ssh2 algorithm public-key