Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Supported Cryptographic Algorithms, Protocols, and Standards

This section lists the supported cryptographic algorithms and standards supported by SSH Tectia client/server solution.

Public-Key Algorithms

The following public-key algorithms are supported:

  • DSA (768-, 1024-, 2048-, or 3072-bit key)

  • RSA (768-, 1024-, 2048-, or 3072-bit key)

Data Integrity Algorithms

The following data integrity algorithms are supported:

  • CryptiCore (Badger) (16-byte key)*

  • MD5 (16-byte key, RFC 2104)

  • SHA-1 (20-byte key, RFC 2104)

* Supported with SSH Tectia Server (with EFT) and Server (with Tunneling)

Encryption Algorithms

For symmetric session encryption, the following algorithms are supported:

  • 3DES (168-bit key)

  • AES (128-, 192-, or 256-bit key)

  • Arcfour (128-bit key)

  • Blowfish (128-bit key)

  • CryptiCore (Rabbit) (128-bit key)*

  • SEED (128-bit key)

  • Twofish (128-, 192-, or 256-bit key)

* Supported with SSH Tectia Server (with EFT) and Server (with Tunneling)

Additional Hardware Crypto Support (SSH Tectia Server for IBM z/OS)

SSH Tectia Server for IBM z/OS supports hardware acceleration on cryptographic operations with the following:

  • 3DES

  • AES

  • SHA-1

  • RNG (random number generation)

FIPS-Certified Cryptographic Library

SSH Tectia Server, Client, and Connector can be operated in FIPS mode, using a version of the cryptographic library that has been certified according to the Federal Information Processing Standard (FIPS) 140-2.

The FIPS 140-2 Cryptographic Library has been validated for the following operating systems:

  • Microsoft Windows XP

  • Sun Solaris 8

  • HP-UX 11.11

In addition, the FIPS 140-2 Cryptographic Library is supported on the following operating systems:

  • Microsoft Windows 2000 and Server 2003

  • Sun Solaris 2.6, 9, 10

  • Red Hat Enterprise Linux 3

  • AIX 5.3

  • HP-UX 11.00, 11.22, 11.23


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more