Georgia SoftWorks

Specify Message Authentication Codes (MACs) for SSH Server

Select MACs for GSW SSH Server

Specify the Message Authentication Code algorithms available to the server that are offered to the client. The Message Authentication Code algorithms are offered to the client in the server’s default order unless specified. The default order will vary from release to release to deliver the best blend of security and performance.

Specify the Message Authentication Algorithms that the server can offer to the client by modifying the registry key szMACs.

The key is:

The following is the default value for Message Authentication Code algorithms.
hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1-etm@openssh.com,hmac-sha1,hmac-sha1-96,hmacmd5,none

The following is the list and order of all algorithms available with the FIPS 140-2 option disabled.
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,none

The following is the list and order of algorithms available with the FIPS 140-2 option enabled.
hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96

The registry parameter bDisableFIPS must be set to 1 to use algorithms which are not on the FIPS list. The default value of this parameter is 0.

The following is the procedure to change the registry key to specify the Message Authentication Code algorithms available to the client.
1. Click the Start button at the bottom left corner of your screen
2. Click RUN
3. Type REGEDIT
4. Click OK
5. Select Registry Key:

6. Select the menu item Edit and then click on Modify
7. Enter the new value for the szMACs and click OK

Watch How to Specify Messge Authenticaion Codes (MACs) for SSH Server

Your browser doesn't support HTML5 video.

The new value will take effect when the GSW SSHD service is restarted

Related Documents:

• Restart SSH Server Service
• Learn more about the GSW SSH Server for Windows
• SSH Server with FIPS 140-2
• Approved SSH Security Key Exchange Algorithms
• GSW Business Tunnel - SSH Tunnel
• SSH Client for Android

Back to SSH Server FAQ

Document Number: FAQ-SSH-EX019001081519

Products

Universal Terminal Server (UTS) Telnet Server UTS w/ SSH Server for Windows FIPS 140-2 Compliant Windows SSH Rocket Terminal Engine RF Directed Terminal I/O (DTIO) Engine Business Tunnel - SSH GSW ConnectBot Client for Android

Legal

Privacy Policy Terms of Use License

Support

Open a Support Ticket Register Your Software Registration Help Utilities Download Contact Us

Payments

Make Payment

Media

Blog Press Releases Social Media Feeds

About GSW section

Innovation About Us Security Sitemap

Contact Us

Sales: +1.706.265.1018 sales@georgiasoftworks.com

Address

Georgia SoftWorks
17 Hwy 9 South
PO Box 567 Dawsonville Ga 30534
USA

Copyright ©2022 Georgia SoftWorks. All Rights Reserved.
www.georgiasoftworks.com