Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

SSH

User Keys

Add the ECDSA algorithms (remove any key sizes you do not wish to allow) to the list of auth-publickey signature-algorithms (within the <authentication-methods> element) in your ssh-server-config.xml:

<authentication-methods>
  <authentication>
    <auth-publickey require-dns-match="no" 
        signature-algorithms="ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, \
        ecdsa-sha2-nistp521,ssh-dss,ssh-rsa,ssh-dss-sha256@ssh.com, \
        ssh-rsa-sha256@ssh.com,x509v3-sign-dss,x509v3-sign-rsa, \
        x509v3-sign-dss-sha256@ssh.com,x509v3-sign-rsa-sha256@ssh.com"/>
    <auth-password />
    <auth-keyboard-interactive />
  </authentication>
</authentication-methods>
[Note]Note

To enable ECDSA keys for X.509, add also the following to the signature-algorithms list: x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521

After you have made the changes, you must stop and start the server to take the new configuration into use:

# /etc/init.d/ssh-server-g3 stop
# /etc/init.d/ssh-server-g3 start

===AUTO_SCHEMA_MARKUP===