User`s guide

ManualsBrandsDigi ManualsComputer equipmentTransPort WR41

231

232

233

234

235

236

237

238

239

240

231

Enable support for SSH v2.0

When checked, this checkbox allows the server to negotiate SSH V2. The router must also

have a SSH V2 key present and the filename entered into the SSG configuration.

Actively start key exchange

This option applies to V2 SSH. Some SSH clients wait for the server to initiate the key

exchange process when a new SSH session is started unless they have data to send to the

server, in which case they will initiate the key exchange themselves. When checked, this

checkbox will cause the router to automatically initiate a key exchange without waiting for

the client.

Rekey Never/After n units of data have been transferred

With SSH V2 it is possible to negotiate new encryption keys after the current ones have

been used to encrypt a specified amount of data. The radio buttons select whether this

feature should be used. If this feature is to be used the amount of data is entered into the

text box and the applicable units (Kbytes, Mbytes, Gbytes) selected from the drop-down list.

Encryption Preferences

The following four configuration options allocate preferences to the encryption method that

should be used to encrypt data on the link. A lower value indicates greater preference apart

from zero which disables the option.

3DES

The value in this text box is the preference level for the Triple-DES algorithm.

AES (128 bits)

The value in this text box is the preference level for the 128-bit AES algorithm.

AES (192 bits)

The value in this text box is the preference level for the AES algorithm using 192 bits.

AES (256 bits)

The value in this text box is the preference level for the AES algorithm using 256 bits.

Authentication Preferences

The following four configuration options allocate preferences to the authentication methods

that should be used. As above, a value of zero disables the particular authentication method

and lower values indicated greater preference than higher values. So, for example if MAC

SHA1-96 was the preferred method for authentication, this option would be given the value

1 and the other options given a value of 2 or greater. If all these parameters are set to the

same value, the router automatically uses them in the following order: SHA1, SHA1-96,

MD5, MD5-96.

MAC MD5

The value in this text box is the preference level for MAC MD5.

MAC MD5-96

The value in this text box is the preference level for MAC MD5-96.

MAC SHA1

The value in this text box is the preference level for MAC SHA1.

MAC SHA1-96

The value in this text box is the preference level for MAC SHA1-96.