Your browser does not support HTML5 local storage or you have disabled it. Some functionality on this site, including saving your privacy settings and offering you special discounts, uses local storage and may not work with local storage disabled. We recommend allowing the use of local storage in your browser. In some browsers, it is the same setting used for disabling cookies.

Tectia

Configuring MACs

The MAC (Message Authentication Code) algorithm(s) used for data integrity verification can be selected in the sshd2_config file:

MACs                hmac-sha1,hmac-md5

The system will attempt to use the different HMAC algorithms in the sequence they are specified on the line. The supported MAC names are the following:

  • hmac-md5

  • hmac-md5-96

  • hmac-sha1

  • hmac-sha1-96

  • hmac-sha256-2@ssh.com

  • hmac-sha224@ssh.com

  • hmac-sha256@ssh.com

  • hmac-sha384@ssh.com

  • hmac-sha512@ssh.com

Special values for this option are the following:

  • Any: allows all the MAC values including none

  • AnyStd: allows only those MACs mentioned in the IETF-SecSh draft (hmac-md5, hmac- md5-96, hmac-sha1, hmac-sha1-96) and none

  • none: means that no cryptographic data integrity method is used

  • AnyMac: the same as Any but excludes none

  • AnyStdMac: the same as AnyStd but exludes none

The default MAC algorithms are:

  • hmac-sha1

  • hmac-sha1-96

  • hmac-sha256-2@ssh.com

  • hmac-sha224@ssh.com

  • hmac-sha256@ssh.com

  • hmac-sha384@ssh.com

  • hmac-sha512@ssh.com

===AUTO_SCHEMA_MARKUP===