Host Keys

Pragma FortressSSH supports four different host key based server validation / identification options and x509v3 is one of the supported options. For the SSH2 protocol, the options include: DSA host key, RSA host key and x509 certificates. For the SSH1 protocol, the only option supported is the SSH1 host key.

Validating the server is the first step in making a ssh connection. The x509 certificate validates that a server is what the server claims to be and not a ghost machine posing as the real server. The x509 certificates are obtained from trusted source (Certificate Authority) that provide higher cryptographic validation. The x509 certificates require fully qualified server name in order to make connection to a server with x509 based validation support. Unlike DSA/RSA host keys, a known_host file is not needed for x509 based server name validation since the certificate contains account information.

Generate an encryption key

Type: select the type of key to generate

Length in bits: enter the key length in the edit box or using the slider

Filename: name and location of the new key

Comment: enter any comment that should be associated with the key. It will be appended to the file after the key is written.

Passphrase/Confirm Passphrase: Enter matching values if key should be accessible only with a passphrase. The client will not be prompted for the passphrase at any time.