Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Supported Cryptographic Algorithms, Protocols, and Standards

This section lists the supported cryptographic algorithms and standards supported by SSH Tectia client/server solution.

Public-Key Algorithms

The following public-key algorithms are supported:

  • DSA (768-, 1024-, 2048-, or 3072-bit key)

  • RSA (768-, 1024-, 2048-, or 3072-bit key)

Data Integrity Algorithms

The following data integrity algorithms are supported:

  • CryptiCore (Badger) (16-byte key)*

  • MD5 (16-byte key, RFC 2104)

  • SHA-1 (20-byte key, RFC 2104)

* Supported with SSH Tectia Server (with EFT) and Server (with Tunneling)

Encryption Algorithms

For symmetric session encryption, the following algorithms are supported:

  • 3DES (168-bit key)

  • AES (128-, 192-, or 256-bit key)

  • Arcfour (128-bit key)

  • Blowfish (128-bit key)

  • CryptiCore (Rabbit) (128-bit key)*

  • SEED (128-bit key)

  • Twofish (128-, 192-, or 256-bit key)

* Supported with SSH Tectia Server (with EFT) and Server (with Tunneling)

Additional Hardware Crypto Support (SSH Tectia Server for IBM z/OS)

SSH Tectia Server for IBM z/OS supports hardware acceleration on cryptographic operations with the following:

  • 3DES

  • AES

  • SHA-1

  • RNG (random number generation)

FIPS-Certified Cryptographic Library

SSH Tectia Server, Client, and Connector can be operated in FIPS mode, using a version of the cryptographic library that has been certified according to the Federal Information Processing Standard (FIPS) 140-2.

The FIPS 140-2 Cryptographic Library has been validated for the following operating systems:

  • Microsoft Windows XP

  • Sun Solaris 8

  • HP-UX 11.11

In addition, the FIPS 140-2 Cryptographic Library is supported on the following operating systems:

  • Microsoft Windows 2000 and Server 2003

  • Sun Solaris 2.6, 9, 10

  • Red Hat Enterprise Linux 3

  • AIX 5.3

  • HP-UX 11.00, 11.22, 11.23




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now