Add host keys for Sidewinder SSH Proxy
In the Engine Editor, you can add host keys for Sidewinder SSH Proxy and specify which host keys are used for specific SSH Proxy Services.
When you enable Sidewinder proxy in the Engine Editor, 3 default SSH Host Keys are
automatically created for the engine. You can optionally replace the automatically created host keys and create more host keys. You
can import existing host keys or generate host keys. You can also associate host keys with specific SSH Proxy Services. Each engine on
which you use the SSH Proxy Service must have one host key of each type.
Note: You can only associate one key of each key type with the
same Service. This limitation includes the default Proxy Service that is used if you do not select a specific Service.
For more details about the product and how to configure features, click Help or press F1.
Steps
- Select Configuration.
- Right-click a Single Firewall or Firewall Cluster and select Edit <element type>.
- In the navigation pane on the left, browse to .
-
(Optional) Generate host keys.
- Next to the Host Keys table, click Add.
- From the Host Key Type drop-down list, select the algorithm to use for the key.
- From the Host Key Length drop-down list, select the length of the key.
- Click Add.
-
(Optional) Import existing host keys.
- Next to the Host Keys table, click Import.
- Select the key file, then click Import.
-
Specify which host keys are used for specific SSH Proxy Services.
- In the Host Keys table, double-click the SSH Proxy Services cell.
- From the Resources list, select one or more Service elements, then click Add.
- Click OK.
- Click Save.
Next steps
Engine Editor – Add-Ons – Sidewinder Proxy
Use this branch to enable and configure Sidewinder Proxies on the engine.
Option | Definition |
---|---|
Enable | When selected, enables Sidewinder Proxy. |
Sidewinder Logging Profile | The selected Sidewinder Logging Profile element for the engine. Click Select to open the Select Element dialog box, where you can select a Sidewinder Logging Profile. |
SSH Proxy | Settings specific to the SSM SSH Proxy. |
SSH Known Hosts Lists | The selected SSH Known Hosts List elements for the engine. |
Add | Opens the SSH Known Hosts Lists dialog box, where you can select an SSH Known Hosts List. |
Remove | Removes the selected element from the list. |
Host Keys | The SSH host keys used by the firewall when it acts as the SSH server in a connection that uses the SSM SSH Proxy. |
Key Type | Shows the signature algorithm used for the host key. |
Key Length | Shows the length of the host key. |
SHA256 Fingerprint | Shows the SHA256 fingerprint of the host key. |
SSH Proxy Services | The SSH Proxy Service element with which the host key is used. Double-click the field to open the Select Element dialog box, where you can select a Service element. |
Comment (Optional) |
A comment for your own reference. |
Add | Opens the Generate New Host Key dialog box. |
Remove | Removes the selected host key from the list. |
Import | Opens the Import Host Key dialog box, where you can import an existing host key. |
Advanced Settings | Opens the Advanced Sidewinder Proxy Settings dialog box. |
Generate New Host Key dialog box
Use this dialog box to create host keys for use with the SSM SSH Proxy.
Option | Definition |
---|---|
Host Key Type | The signature algorithm to use for the host key.
|
Host Key Length | The length of the key in bits. |
Comment | Adds a comment for your own reference. |
Add | Retains your changes and closes the window. |