`ssh key-exchange-algorithms`

## Syntax

`ssh key-exchange-algorithms ``<KEY-EXCHANGE-ALGORITHMS-LIST>`
no ssh key-exchange-algorithms

## Description

Configures SSH to use a set of key exchange algorithm types in the specified priority order. The first key exchange type entered in the CLI is considered a first priority. Key exchange algorithms are used to exchange a shared session key with a peer securely. Each option represents an algorithm that is used to distribute a shared key in a way that prevents outside interference, manipulation, or recovery. Only the key exchange algorithms that are specified by the user are configured.

The
`no`

form of this command removes the configuration of key exchange algorithms and reverts SSH to use the default set of algorithms.

## Command context

`config`

## Parameters

`<KEY-EXCHANGE-ALGORITHMS-LIST>`Valid key exchange algorithms are:

`curve25519-sha256`

`curve25519-sha256@libssh.org`

`diffie-hellman-group-exchange-sha1`

`diffie-hellman-group-exchange-sha256`

`diffie-hellman-group14-sha1`

`diffie-hellman-group14-sha256`

`diffie-hellman-group16-sha512`

`diffie-hellman-group18-sha512`

`ecdh-sha2-nistp256`

`ecdh-sha2-nistp384`

`ecdh-sha2-nistp521`

Default set of key exchange algorithms in priority order:`curve25519-sha256`

`curve25519-sha256@libssh.org`

`ecdh-sha2-nistp256`

`ecdh-sha2-nistp384`

`ecdh-sha2-nistp521`

`diffie-hellman-group-exchange-sha256`

`diffie-hellman-group16-sha512`

`diffie-hellman-group18-sha512`

`diffie-hellman-group14-sha256`

`diffie-hellman-group-exchange-sha1`

## Authority

Administrators or local user group members with execution rights for this command.

## Examples

Configuring SSH to use a set of specified key exchange algorithms:

switch(config)#ssh key-exchange-algorithms ecdh-sha2-nistp256 curve25519-sha256 diffie-hellman-group-exchange-sha256

Reverting SSH to use the default set of key-exchange-algorithms:

switch(config)#no key-exchange-algorithms