Follow

TPP Supported SSH Protocols and Ciphers

When working with TPP to communicate with other systems using SSH you may run into the error "Failed to negotiate a transport component". Below is an example of this error:

sshfailedcommunicationprotocol.png

The protocols that TPP supports are as follows from 17.1:

Ciphers

AES128CBC
AES128CTR
AES192CBC
AES192CTR
AES256CBC
AES256CTR
TripleDESCBC
TripleDESCTR

HMACS

hmac-ripemd160
hmac-sha1
hmac-sha2-256
hmac-sha2-384
hmac-sha2-512

Key Algorithms

ssh-rsa
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521

Note: we no longer support ssh-dss

Key Exchange Algorithms

diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512

Some of these items are not available when running in FIPS mode (eg. Ripemd160)

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk