User Keys

Add the ECDSA algorithms (remove any key sizes you do not wish to allow) to the list of auth-publickey signature-algorithms (within the <authentication-methods> element) in your ssh-server-config.xml:

    <auth-publickey require-dns-match="no" 
        signature-algorithms="ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, \
        ecdsa-sha2-nistp521,ssh-dss,ssh-rsa,, \,x509v3-sign-dss,x509v3-sign-rsa, \,"/>
    <auth-password />
    <auth-keyboard-interactive />

To enable ECDSA keys for X.509, add also the following to the signature-algorithms list: x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521

After you have made the changes, you must stop and start the server to take the new configuration into use:

# /etc/init.d/ssh-server-g3 stop
# /etc/init.d/ssh-server-g3 start