SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
        Server Configuration Files >>
        Defining Subconfigurations >>
        Configuring Ciphers and MACs >>
            Crypto Hardware Support
            Recommended Algorithms
        Configuring Root Logins
        Restricting User Logins
        Defining Subsystems
        Auditing >>
        Securing the Server >>
    Authentication >>
    File Transfer Using SFTP >>
    Secure File Transfer Using Transparent FTP Security >>
    Tunneling >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Man Pages and Default Configuration Files >>
    Log Messages >>

Recommended Algorithms

The crypto hardware devices available on zSeries machines implement certain algorithms. Although SSH Tectia Server for IBM z/OS includes most of the algorithms available in SSH Tectia Client and Server products on other platforms, using hardware acceleration is recommended because it will reduce the CPU usage.

Recommended algorithms on System z9 and z10 if crypto hardware is enabled:

  • Cipher: 128-bit AES and 3DES (aes128-cbc,3des-cbc)
  • MAC: SHA-1 (hmac-sha1)

Recommended algorithms on other systems if crypto hardware is enabled:

  • Cipher: 3DES (3des-cbc)
  • MAC: SHA-1 (hmac-sha1)

Recommended algorithms if crypto hardware is not enabled or not installed:

  • Cipher: 128-bit AES (aes128-cbc)
  • MAC: SHA-1 (hmac-sha1)

PreviousNextUp[Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2011 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice