Table of Contents
Advertisement
2.14 Configure Network Settings
Host Keys
You may choose to delete individual RSA or DSA host keys. Should you decide to
delete the RSA or DSA key, the SSH will function, but that form of server authen-
tication will not be available. Should you delete both the RSA and DSA keys, SSH
will not function. In addition, if SSH host keys are being generated at the time of
deletion, the key generation processes are stopped, any keys created will be
deleted, and all key bit sizes are set to 0.
You may choose to delete existing keys and request the creation of new keys,
but it is often simpler to make these requests separately.
You can create individual RSA and DSA Host Public/Private Key pairs. Host keys
must first be deleted before new Host Keys can be created.
SecureSync units have their initial host keys created at the factory. RSA host key
sizes can vary between 768 and 4096 bits. The recommended key size is 1024.
Though many key sizes are supported, it is recommended that users select key
sizes that are powers of 2 or divisible by 2. The most popular sizes are 768, 1024,
and 2048. Large key sizes of up to 4096 are supported, but may take 10 minutes
or more to generate. DSA keys size support is limited to 1024 bits.
Host keys are generated in the background. Creating RSA and DSA keys, each
with 1024 bits length, typically takes about 30 seconds. Keys are created in the
order of RSA, DSA, RSA. When the keys are created, you can successfully make
SSH client connections. If the unit is rebooted with host key creation in progress,
or the unit is booted and no host keys exist, the key generation process is restar-
ted. The key generation process uses either the previously specified key sizes or,
if a key size is undefined, the default key bit length size used is 2048. A key with a
zero length or blank key size field is not created.
The SSH client utilities SSH, SCP, and SFTP allow for several modes of user
authentication. SSH allows you to remotely login or transfer files by identifying
your account and the target machine's IP address. As a user you can authenticate
yourself by using your account password, or by using a Public Private Key Pair.
94
Note:
Should you
exit
the top right corner of the window, or by clicking anywhere out-
side of the window), while filling out the Certificate Request
Parameters form before clicking Submit, any information you
entered will be lost. When switching between tabs within the
SSH Setup
window, however, the information you have entered
will be retained.
the SSH Setup window (by clicking
CHAPTER
•
2
SecureSync 2400 User Manual Rev. 5.2
X
in
Advertisement
Table of Contents
Troubleshooting
