Spectracom SecureSync 1200 User Reference Manual page 87

Host Keys
You may choose to delete individual RSA or DSA host keys. Should you decide to delete the
RSA or DSA key, the SSH will function, but that form of server authentication will not be avail
able. Should you delete both the RSA and DSA keys, SSH will not function. In addition, if SSH
host keys are being generated at the time of deletion, the key generation processes are
stopped, any keys created will be deleted, and all key bit sizes are set to 0.
You may choose to delete existing keys and request the creation of new keys, but it is often sim
pler to make these requests separately.
You can create individual RSA and DSA Host Public/Private Key pairs. Host keys must first be
deleted before new Host Keys can be created.
SecureSync units have their initial host keys created at the factory. RSA host key sizes can vary
between 768 and 4096 bits. The recommended key size is 1024. Though many key sizes are
supported, it is recommended that users select key sizes that are powers of 2 or divisible by 2.
The most popular sizes are 768, 1024, and 2048. Large key sizes of up to 4096 are sup
ported, but may take 10 minutes or more to generate. DSA keys size support is limited to 1024
bits.
Host keys are generated in the background. Creating RSA and DSA keys, each with 1024 bits
length, typically takes about 30 seconds. Keys are created in the order of RSA, DSA, RSA.
When the keys are created you can successfully make SSH client connections. If the unit is
rebooted with host key creation in progress, or the unit is booted and no host keys exist the key
generation process is restarted. The key generation process uses either the previously specified
key sizes or if a key size is undefined, the default key bit length size used is 2048. A key with a
zero length or blank key size field is not created.
The SSH client utilities SSH, SCP, and SFTP allow for several modes of user authentication.
SSH allows you to remotely login or transfer files by identifying your account and the target
machine's IP address. As a user you can authenticate yourself by using your account password,
or by using a Public Private Key Pair.
It is advisable to keep your private key secret within your workstation or network user account,
and provide the SecureSync a copy of your public key. The modes of authentication supported
include:
CHAPTER •
2 SecureSync User Reference Guide Rev. 23
Note: Should you
corner of the window, or by clicking anywhere outside of the window),
while filling out the Certificate Request Parameters form before clicking
Submit , any information you entered will be lost. When switching between
tabs within the
entered will be retained.
Either Public Key with Passphrase or Login Account Password
Login Account Password only
Public Key with Passphrase only
2.14 Configuring Network Settings
exit the SSH Setup window (by clicking
SSH Setup window, however, the information you have
X in the top right
71