Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
        Server Configuration Files >>
        Defining Subconfigurations >>
        Configuring Ciphers and MACs >>
            Crypto Hardware Support
            Recommended Algorithms
        Configuring Root Logins
        Restricting User Logins
        Configuring Code Pages
        Defining Subsystems
        Auditing >>
        Securing the Server >>
    Authentication >>
    System Administration >>
    File Transfer Using SFTP >>
    Secure File Transfer Using Transparent FTP Security >>
    Tunneling >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Man Pages and Default Configuration Files >>
    Log Messages >>

Recommended Algorithms

The crypto hardware devices available on zSeries machines implement certain algorithms. Although SSH Tectia Server for IBM z/OS includes most of the algorithms available in SSH Tectia Client and Server products on other platforms, using hardware acceleration is recommended because it will reduce the CPU usage.

Recommended algorithms on System z9 and z10 if crypto hardware is enabled:

  • Cipher: 128-bit AES and 3DES (aes128-cbc,3des-cbc)
  • MAC: SHA-1 (hmac-sha1)

Recommended algorithms on other systems if crypto hardware is enabled:

  • Cipher: 3DES (3des-cbc)
  • MAC: SHA-1 (hmac-sha1)

Recommended algorithms if crypto hardware is not enabled or not installed:

  • Cipher: 128-bit AES (aes128-cbc)
  • MAC: SHA-1 (hmac-sha1)

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2011 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now