RSA, DSA and ECDSA host keys Server! version: 4.0.0+

Our users are aware that old Server! versions (from 1.0 to 3.x) used to support only a single host key, and it had to be an RSA key.

As of version 4.0, though, Server! supports RSA, DSA, and ECDSA host keys, and it support multiple (unlimited) host keys per virtual server.

The addition of DSA keys was mostly driven by the fact that some of our customers possess legacy DSA host/server keys that they are required to use, in order for certain client applications to work properly. The addition of ECDSA host keys instead is a truly remarkable new feature, and to understand why just check out the comparison table here below:

As you can see, a relatively small ECDSA key size is equivalent, in terms of security, to a much longer RSA or DSA key. This means greatly increased security and lower CPU usage. It’s a win-win.

So what’s the downside? Well, being a relatively new technology, ECDSA keys with ECDH key exchange, older client software may not support it yet. But that’s another reason why our version 4.0 now supports multiple host keys, so that you can have both a brand new ECDSA key and a legacy RSA key for all those clients that don’t support the new technology yet.

Print Friendly, PDF & Email
Bookmark the permalink.

Comments are closed.