SSH

Administration Interface

The administration interface uses an HTTP connection which is protected by TLS (Transport Layer Security). The connection to the administration interface is protected using the following algorithms.

Table 3.3. Tectia Manager uses the following algorithms

Used forAlgorithm

Key-exchange

Diffie-Hellman
RSA

Public-keys for TLS server and (optional) client certificates

DSA (768-, 1024-, 2048-, or 3072-bit key)
RSA (768-, 1024-, 2048-, or 3072-bit key)

Connection encryption

3DES (168-bit key)
AES (128- or 256-bit key)
DES (56-bit key)
IDEA (128-bit key)
RC2 (40- or 128-bit key)
RC4 (40- or 128-bit key)

Data integrity

HMAC MD5 (128-bit key)
HMAC SHA-1 (160-bit key)

The following methods can be used for authenticating the administrator:

  • Username/password through HTTPS - The passwords can be obtained from LDAP/Active Directory or stored in the Management Database.

  • Client-side TLS authentication with a certificate.