Changes in CLI
Bug ID |
Description |
---|---|
713694 |
Configuring individual ciphers to be used in SSH administrative access can now be done from the CLI. Administrators can select the ciphers and algorithms used for SSH encryption, key exchange, and MAC using the following settings: config system global set ssh-enc-algo <algo 1> [<algo 2> ... <algo n>] set ssh-kex-algo <algo 1> [<algo 2> ... <algo n>] set ssh-mac-algo <algo 1> [<algo 2> ... <algo n>] end Previous configurations for enabling or disabling certain ciphers and algorithms have been deprecated. |
719315 |
Add a new |
721747 |
Add authd SSL control options for maximum protocol version SSL/TLS connections and signature algorithms for HTTPS authentication (affects TLS versions 1.2 and lower): config user setting set auth-ssl-max-proto-version [default | SSLv3 | TLSv1 | TLSv1-1 | TLSv1-2] set auth-ssl-sigalgs [no-rsa-pss | all] end The |
725877 |
Change auto-scale config system auto-scale set primary-ip <IP address> end |
732645 |
Allow Security Fabric upstream to be specified as IP or FQDN, and change the setting from config system csf set upstream <IP or FQDN> end |