SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
        Server Configuration Files >>
        Subconfigurations >>
        Ciphers and MACs >>
            Crypto Hardware Support
            Recommended Algorithms
        Configuring Root Logins
        Restricting User Logins
        Subsystems
        Auditing >>
        Securing the Server >>
        Default sshd2_config Configuration File
        Default ssh_certd_config Configuration File
    Configuring the Client >>
    Authentication >>
    File Transfer Using SFTP >>
    File Transfer Using Transparent FTP Tunneling >>
    Tunneling on the Command Line >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Advanced Information >>
    Man Pages >>
    Log Messages >>

Recommended Algorithms

The crypto hardware devices available on zSeries machines implement certain algorithms. Although SSH Tectia Server for IBM z/OS includes most of the algorithms available in SSH Tectia Client and Server products on other platforms, using hardware acceleration is recommended because it will reduce the CPU usage.

Recommended algorithms on System z9 if crypto hardware is enabled:

  • Cipher: 128-bit AES and 3DES (aes128-cbc,3des-cbc)
  • MAC: SHA-1 (hmac-sha1)

Recommended algorithms on other systems if crypto hardware is enabled:

  • Cipher: 3DES (3des-cbc)
  • MAC: SHA-1 (hmac-sha1)

Recommended algorithms if crypto hardware is not enabled or not installed:

  • Cipher: 128-bit AES (aes128-cbc)
  • MAC: SHA-1 (hmac-sha1)

Previous Next Up [Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice