How can I set up the Crypticore authentication?
asked Dec 15 '10 at 15:10
SSH KB ♦
CryptiCore algorithm is supported on Intel x86-based processor architectures with SSH Tectia Server. Use of CryptiCore encryption and data authentication algorithms increases file transfer and tunneling performance.
To enable CryptiCore cipher and MAC make sure that connection rule lists CryptiCore on the lists for allowed ciphers and MACs. On the "Connections and Encryption" page of SSH Tectia Server Configuration GUI tool add email@example.com to Ciphers list and firstname.lastname@example.org to MACs list.
You can also manually edit the server configuration with some XML editor. To enable CryptiCore, include the following in the ssh-server-config.xml file:
<connections> <connection action="allow" tcp-keepalive="no"> <rekey seconds="3600" bytes="1000000000" /> <cipher name="3des-cbc" /> <cipher name="aes128-cbc" /> <cipher name="email@example.com" /> <mac name="hmac-md5" /> <mac name="hmac-sha1" /> <mac name="firstname.lastname@example.org" /> </connection> </connections>
To enable CryptiCore cipher and MAC for the connection profile make sure that CryptiCore cipher and MAC algorithms are listed on "Enabled ciphers" and "Enabled MACs" lists on Ciphers and MACs tabs for the connection profile. By clicking the up arrow move the Crypticore to first one on the lists so that it is tried first when Client and Server sides negotiate the algorithms for the connection.
If you want you can also check the "Use defaults" checkbox on Ciphers and MACs tabs and define CryptiCore on the "Defaults" page of General configuration settings. When CryptiCore Cipher and MAC is enabled on the defaults page then you don't need to define it separately for each connection profile.
answered Dec 15 '10 at 15:12
SSH KB ♦