back to CyProtect - Produkte - SSH - SSH Tectia Connector - Specifications

Overview and Use Platforms Specifications Features & Benefits Interoperability Tectia Connector Datasheet - PDF

SSH Tectia Connector

Fast Facts:

Secure Shell Protocol

• Network connections secured with the Secure Shell v2 protocol
• Stream data compression for slower-speed connections
• Support for multiple communications channel
• Secure X11 session forwarding
• Secure port forwarding that enables secure use of
  business applications
• Support for SOCKS 4 and 5
• Nested tunnels providing simultaneous access to multiple servers through only one port in firewall

Supported Cryptographic Algorithms

• AES (128 / 192 / 256 bit)
• 3DES (168 bit)
• Twofish (128 / 192 / 256 bit)
• Blowfish (128 bit)
• CAST128 (128 bit)
• Arcfour (128 bit)
• DES (56 bit)
• MD5 and SHA-1 hash algorithms
• Diffie-Hellman, DSA, and RSA public-key algorithms
• Support for OpenPGP keys

Supported Authentication Mechanisms

• Passwords
• Host-based (Unix)
• Public-key cryptography
• PKI (X.509 v3 certificates)
• Kerberos (MIT)
• Windows Domain Authentication with GSS-API
• "Keyboard-Interactive" interface for third-party keyboard-based authentication/authorization methods such as:
  - RSA SecurID, (RSA® Secured certified)
  - Symark PowerPassword

Supported PKI Formats and Protocols

• X.509 v3 certificate chain validation (both user and host keys)
• CRL v2 look-up via LDAP, HTTP, or local file
• Online Certificate Status Protocol (OCSP)
• Certificate import via PKCS #12 and PKCS #7
• Support for smart cards and hardware tokens with PKCS #11 and MSCAPI
• PKCS #1 and PKCS #8 private key support

Supported Standards

SSH Tectia client/server solution, which includes SSH Tectia Connector, is based on the Secure Shell protocol, version 2 - SSH2. The protocol is being standardized by the Internet Engineering Task Force (IETF), and is presently in the draft stage. SSH Communications Security has actively participated and contributed to the standardization effort of the SecSh Workgroup of the IEFT. The most up-to-date versions of the SecSh drafts can be found on the IETF website.

IETF drafts
See the documents at http://www.ietf.org/html.charters/secsh-charter.html:

draft-ietf-secsh-userauth-18.txt
This document describes the SSH2 client authentication protocol framework and some commonly used authentication methods. Additional authentication methods are deferred to separate documents.

draft-ietf-secsh-transport-17.txt
This document describes the SSH2 transport layer protocol. The protocol can be used as a basis for a number of secure network services. It provides strong encryption, server authentication, and integrity protection.

draft-ietf-secsh-auth-kbdinteract-05.txt
This document describes a general purpose authentication method for the Secure Shell protocol, suitable for interactive authentications where the authentication data should be entered via a keyboard.

draft-ietf-secsh-publickeyfile-05.txt
This document describes the Secure Shell public key file format.

If you have further questions, please do not hesitate to get in contact with us.