To increase file transfer speed, the CryptiCore algorithm should be enabled on the server (if available). To allow non-interactive authentication, public keys can be used.
The CryptiCore algorithm is supported on x86-based processor architectures. It allows increased file transfer speeds for large file transfers.
To use CryptiCore, include the following in the
ssh-server-config.xml
file:
<connections> <connection action="allow" tcp-keepalive="no"> <rekey seconds="3600" bytes="1000000000" /> <cipher name="crypticore128@ssh.com" /> <mac name="crypticore-mac@ssh.com" /> </connection> </connections>
Using the Tectia Server Configuration GUI, this can be set under the Connections and Encryption page, on the Parameters tab. See Parameters.
To enable public-key authentication on the server, include the
following in the ssh-server-config.xml
file:
<authentication-methods login-grace-time="600"> <banner-message /> <auth-file-modes strict="yes" mask-bits="022" /> <authentication> <auth-publickey /> </authentication> </authentication-methods>
The auth-file-modes
element should be set to strict.
This specifies that Tectia Server on Unix checks the permissions and ownership
of the user's key files used for public-key authentication.
Using the Tectia Server Configuration GUI, the same settings can be made under the Authentication page, on the Parameters tab. See Parameters.
Note however, that the auth-file-modes
option is not
available on Windows, because strict host key checking is always used on
Windows.