Create SSH Known Hosts for Sidewinder SSH Proxy

SSH Known Host elements contain the contact information, public key, and fingerprint that you use to authenticate servers that you trust.

Tip: The Sidewinder SSH Proxy logs the SSH server key for each connection attempt. You can optionally add SSH Known Hosts from log entries using the right-click menu.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Browse to Other Elements > Sidewinder Elements > SSH Known Hosts > SSH Known Hosts.
  3. Right-click SSH Known Hosts, then select New SSH Known Host.
  4. In the Name field, specify the name of the element in one of these ways:
    • Enter the domain name of the server.
    • Enter a unique name for the server.
  5. Enter one or more IP addresses.
    Note: You can enter both an IPv4 address and an IPv6 address. You can only enter one address of each type.
    • In the IPv4 Address field, enter the IPv4 address of the server.
      Tip: To automatically resolve the IP address from the domain name, enter the domain name, then click Resolve.
    • In the IPv6 Address field, enter the IPv6 address of the server.
  6. If the server communicates on a port other than the default port (TCP 22), enter the port number in the Port field.
  7. To manually enter the SSH key for the server, enter the key as text.
    1. From the Key Type drop-down list, select the algorithm used for the key.
    2. In the SSH Key field, type or paste the key.
  8. To use an existing key file as the SSH key for the server, import the key file.
    1. Click Import.
    2. Select the key file, then click Open.
  9. To retrieve a public key from a host, follow these steps.
    1. From the Key Type drop-down list, select the algorithm used for the key.
    2. Click Retrieve.
    3. Select a firewall, then click Select.
    The firewall sends a public key request to the host, and retrieves the SSH key and fingerprint.
  10. Click OK.
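A key that you type, paste, import, or retrieve in steps 7 to 9 can be checked independently by computing its fingerprint and comparing it with one that the server administrator supplied, and with the read-only Fingerprint field. The following Python code is an added example, not part of the product or its documentation. The function names and the sample key are constructed, and because the fingerprint format shown in the dialog box is an assumption, the code returns both the SHA256 and the legacy MD5 forms that OpenSSH uses.

```python
import base64
import hashlib
import struct


def read_string(blob, offset):
    """Read one length-prefixed string (uint32 length + bytes) from a key blob."""
    end = offset + 4
    if end > len(blob):
        raise ValueError("truncated key blob")
    end += struct.unpack(">I", blob[offset:offset + 4])[0]
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end]


def fingerprints(public_key_line):
    """Return (key_type, sha256_fp, md5_fp) for '<type> <base64> [comment]'."""
    fields = public_key_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key type> <base64 key> [comment]'")
    declared_type, encoded = fields[0], fields[1]
    blob = base64.b64decode(encoded, validate=True)  # ValueError on bad base64
    # The blob repeats the algorithm name; a mismatch means the wrong Key Type
    # was chosen or the text was altered while copying.
    if read_string(blob, 0) != declared_type.encode("ascii"):
        raise ValueError("declared key type does not match the key blob")
    sha256 = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    md5 = hashlib.md5(blob).hexdigest()
    md5 = ":".join(md5[i:i + 2] for i in range(0, len(md5), 2))
    return declared_type, "SHA256:" + sha256, "MD5:" + md5


def matches(public_key_line, trusted_fingerprint):
    """True if the key hashes to a fingerprint obtained out of band."""
    _, sha256_fp, md5_fp = fingerprints(public_key_line)
    return trusted_fingerprint.strip() in (sha256_fp, md5_fp)


def sample_line():
    """Constructed ssh-ed25519 key line (placeholder bytes, not a real host key)."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519"
    blob += struct.pack(">I", 32) + bytes(range(32))
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed-example"


if __name__ == "__main__":
    for value in fingerprints(sample_line()):
        print(value)
```

Pass `matches()` the key line and the fingerprint received from the server administrator; a `False` result or a `ValueError` means the key should not be saved as an SSH Known Host until the difference is explained.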

Next steps

Group SSH Known Host elements using SSH Known Hosts Lists.

SSH Known Host Properties dialog box

Use this dialog box to add or change SSH Known Host elements.

Option          Definition
------          ----------
Name            Specifies a unique name for the SSH Known Host element.
Resolve         Automatically resolves the IP address of the server.
IPv4 Address    Specifies the IPv4 address of the server. The server can have both an IPv4 and an IPv6 address. You can enter one IP address of each type.
IPv6 Address    Specifies the IPv6 address of the server. The server can have both an IPv4 and an IPv6 address. You can enter one IP address of each type.
Port            The port number if the server communicates on a port other than the default port (TCP 22).
OpenSSH Key
Key Type        The algorithm used for the key.
SSH Key         The public key of the server.
Fingerprint     Shows the fingerprint of the server's public key. Not editable.
Import          Opens a file browser where you can select an existing key file to import.
Retrieve        Retrieves a key from an NGFW Engine.
Category        Shows the assigned category. Click Select to open the Category Selection dialog box.