Add host keys for Sidewinder SSH Proxy

In the Engine Editor, you can add host keys for Sidewinder SSH Proxy and specify which host keys are used for specific SSH Proxy Services.

When you enable Sidewinder proxy in the Engine Editor, 3 default SSH Host Keys are automatically created for the engine. You can optionally replace the automatically created host keys and create more host keys. You can import existing host keys or generate host keys. You can also associate host keys with specific SSH Proxy Services. Each engine on which you use the SSH Proxy Service must have one host key of each type.
Note: You can only associate one key of each key type with the same Service. This limitation includes the default Proxy Service that is used if you do not select a specific Service.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Right-click a Single Firewall or Firewall Cluster and select Edit <element type>.
  3. In the navigation pane on the left, browse to Add-Ons > Sidewinder Proxy.
  4. (Optional) Generate host keys.
    1. Next to the Host Keys table, click Add.
    2. From the Host Key Type drop-down list, select the algorithm to use for the key.
    3. From the Host Key Length drop-down list, select the length of the key.
    4. Click Add.
  5. (Optional) Import existing host keys.
    1. Next to the Host Keys table, click Import.
    2. Select the key file, then click Import.
  6. Specify which host keys are used for specific SSH Proxy Services.
    1. In the Host Keys table, double-click the SSH Proxy Services cell.
    2. From the Resources list, select one or more Service elements, then click Add.
    3. Click OK.
  7. Click Save.

Next steps

Add custom Service elements for Sidewinder SSH Proxy.

Engine Editor – Add-Ons – Sidewinder Proxy

Use this branch to enable and configure Sidewinder Proxies on the engine.

| Option | Definition |
|---|---|
| Enable | When selected, enables Sidewinder Proxy. |
| Sidewinder Logging Profile | The selected Sidewinder Logging Profile element for the engine. Click Select to open the Select Element dialog box, where you can select a Sidewinder Logging Profile. |
| SSH Proxy | Settings specific to the SSM SSH Proxy. |
| SSH Known Hosts Lists | The selected SSH Known Hosts List elements for the engine. |
| Add | Opens the SSH Known Hosts Lists dialog box, where you can select an SSH Known Hosts List. |
| Remove | Removes the selected element from the list. |
| Host Keys | The SSH host keys used by the firewall when it acts as the SSH server in a connection that uses the SSM SSH Proxy. |
| Key Type | Shows the signature algorithm used for the host key. |
| Key Length | Shows the length of the host key. |
| SHA256 Fingerprint | Shows the SHA256 fingerprint of the host key. |
| SSH Proxy Services | The SSH Proxy Service element with which the host key is used. Double-click the field to open the Select Element dialog box, where you can select a Service element. |
| Comment | (Optional) A comment for your own reference. |
| Add | Opens the Generate New Host Key dialog box. |
| Remove | Removes the selected host key from the list. |
| Import | Opens the Import Host Key dialog box, where you can import an existing host key. |
| Advanced Settings | Opens the Advanced Sidewinder Proxy Settings dialog box. |
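
After importing a host key, you can compare the value in the SHA256 Fingerprint column with one computed independently from the public half of the key, and check a planned assignment against the one-key-per-type-per-Service rule in the Note above. The following is an added example, not part of the product or its documentation. It assumes the fingerprint is shown in OpenSSH's `SHA256:<base64>` form and that you have the public key as an OpenSSH one-line entry; the sample key and the Service names are constructed.

```python
import base64
import hashlib
import struct
from collections import Counter

# OpenSSH algorithm names mapped to the Host Key Type values on this page.
KEY_TYPES = {"ssh-rsa": "RSA", "ssh-dss": "DSA",
             "ecdsa-sha2-nistp256": "ECDSA", "ecdsa-sha2-nistp384": "ECDSA",
             "ecdsa-sha2-nistp521": "ECDSA"}

def ssh_string(data):
    """Encode bytes as an SSH wire-format string (4-byte length + data)."""
    return struct.pack(">I", len(data)) + data

def inspect_public_key(line):
    """Return (key type, SHA256 fingerprint) for one OpenSSH public key line."""
    declared, b64 = line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed copy of the algorithm name.
    (name_len,) = struct.unpack(">I", blob[:4])
    embedded = blob[4:4 + name_len].decode("ascii", "replace")
    if embedded != declared:
        raise ValueError(f"line says {declared!r}, key blob says {embedded!r}")
    if declared not in KEY_TYPES:
        raise ValueError(f"{declared!r} is not a key type listed on this page")
    digest = hashlib.sha256(blob).digest()
    return KEY_TYPES[declared], "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def duplicate_types(assignments):
    """Return (service, key type) pairs assigned more than once."""
    counts = Counter(assignments)
    return sorted(pair for pair, n in counts.items() if n > 1)

# Constructed sample: a well-formed ssh-rsa blob with a dummy modulus, not a real key.
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(
    ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01") + ssh_string(b"\x00" + b"\xc3" * 256)
).decode() + " constructed-example"

# Constructed plan; the Service names are hypothetical.
PLAN = [("Default", "RSA"), ("Default", "ECDSA"), ("SSH-Admin", "RSA"), ("SSH-Admin", "RSA")]

if __name__ == "__main__":
    print(inspect_public_key(SAMPLE_LINE))
    print("conflicts:", duplicate_types(PLAN))
```

A mismatch between the computed fingerprint and the one shown in the table means the imported key is not the one you intended to deploy.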

Generate New Host Key dialog box

Use this dialog box to create host keys for use with the SSM SSH Proxy.

| Option | Definition |
|---|---|
| Host Key Type | The signature algorithm to use for the host key: RSA, DSA, or ECDSA. |
| Host Key Length | The length of the key in bits. |
| Comment | Adds a comment for your own reference. |
| Add | Retains your changes and closes the window. |