Fortinet black logo

Handbook

Encryption strength for proxied SSH sessions

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:597597
Download PDF

Encryption strength for proxied SSH sessions

The level of SSH encryption can be set for SSH sessions on a per-profile basis.

Encryption Level Description
compatible This level allows for a broader set of encryption algorithms to be used and is better for compatibility.
high-encryption This level will only allow AES-CTR, AES-GCM and high encryption algorithms to be used for the session.
Syntax:

config firewall ssl-ssh-profile

edit <profile name>

config ssh

set ssh-algorithm {compatible|high-encryption}

end

end

Encryption strength for proxied SSH sessions

The level of SSH encryption can be set for SSH sessions on a per-profile basis.

Encryption Level Description
compatible This level allows for a broader set of encryption algorithms to be used and is better for compatibility.
high-encryption This level will only allow AES-CTR, AES-GCM and high encryption algorithms to be used for the session.
Syntax:

config firewall ssl-ssh-profile

edit <profile name>

config ssh

set ssh-algorithm {compatible|high-encryption}

end

end