Creating host keys

Creating a host key for a Secure Shell server is usually done only once. The server software creates the host key automatically during installation and configuration. Less commonly, an administrator can elect to manually generate a host key and select the encryption algorithm and key length. For those of you familiar with Secure Shell's public-key authentication, the choice of algorithms (DSA or RSA) and the key length (usually between 1024 and 2048 bits long) is identical to the options for those user authentication keys.

A host key consists of two components, a private and a public component. The public component is sent to the client when the client connects. The private component should be protected so that only the administrator and the Secure Shell server have access to it. This cannot be overemphasized. If an adversary acquires a copy of the private host key, it can be used to impersonate your server with complete impunity.

<< What is the purpose of the host key?

Accepting a new host key >>


	Products	Downloads	Purchase	Support	About Us
	VShell Server	VShell Server	Buy Direct	Evaluation	Contact
	SecureCRT	SecureCRT	License Pricing	Updates Policy	Press Releases
	SecureFX	SecureFX	About Encryption Export	FAQs	What's New
	VanDyke ClientPack	VanDyke ClientPack	Orders FAQ	Tips & How-Tos	Customer Stories
	Beta Software	Beta Software	Resellers	Forums	Secure Solutions
Site Map \| Legal Notices \| Privacy Policy \| Refund Policy VShell, SecureCRT, SecureFX, Entunnel, CRT, and AbsoluteFTP are trademarks or registered trademarks of VanDyke Software, Inc. in the United States and/or other countries. All other trademarks or registered trademarks are the property of their respective owners. Copyright © 1995 - VanDyke Software, Inc. All rights reserved.

About Encryption Export

Site Map | Legal Notices | Privacy Policy | Refund Policy

VShell, SecureCRT, SecureFX, Entunnel, CRT, and AbsoluteFTP are trademarks or registered trademarks of VanDyke Software, Inc. in the United States and/or other countries. All other trademarks or registered trademarks are the property of their respective owners.