Your browser does not allow storing cookies. We recommend enabling them.

SSH

Host Key

Enabling Elliptic Curve Host Keys

To enable ECDSA host-key algorithms for Tectia Server, do the following:

  1. Go to Connections and Encryption and select the Parameters tab. In the Encryption section's Hostkey Algorithms list, select ecdsa-sha2-nistp256, ecdsa-sha2-nistp384 and ecdsa-sha2-nistp521. The algorithms will be highlighted blue when enabled.

    Enabling elliptic curve host-key algorithms for Tectia Server

    Figure 2.6. Enabling elliptic curve host-key algorithms for Tectia Server

  2. Click Apply.

  3. For immediate effect, stop and start Tectia Server.

[Note]Note

To enable ECDSA keys for X.509, repeat the process above but select the algorithms named x509v3-ecdsa-sha2-*.

Creating ECDSA Host Key

  1. Go to the Identity page.

    Creating ECDSA host key

    Figure 2.7. Creating ECDSA host key

  2. In the Host Key (ECDSA) section, click Generate ECDSA Key.

  3. Click Apply.

  4. For immediate effect, stop and start Tectia Server.

[Note]Note

If you wish to use only ECDSA host keys, remove trace of any other host key location.


 

 
PrivX
 

 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now