Encryption key guidelines – Allied Telesis AT-S63 User Manual

AT-S63 Management Software Features Guide

Section IX: Management Security

397

Encryption Key Guidelines

Observe the following guidelines when creating an encryption key pair:

ˆ

Web browser encryption requires only one key pair.

ˆ

SSH encryption requires two key pairs. The keys must be of different
lengths of at least one increment (256 bits) apart. The recommended
size for the server key is 768 bits and the recommended size for the
host key is 1024 bits.

ˆ

The AT-9400 Switch can only use those key pairs it has generated
itself. The switch cannot use a key created on another system and
imported onto the switch.

ˆ

The AT-S63 Management Software does not allow you to copy or
export a private key from a switch. However, you can export a public
key.

ˆ

The AT-S63 Management Software uses the RSA public key
algorithm.

ˆ

Web browser and SSH encryption can share a key pair on the switch.