openssh offers the possibility of creating multiple ECDSA keys (ECDSA implementation supports 3 different ECDSA key lengths – they are not compatible between each other). OpenSSH then offers 3 keys to client but in practice client can use only one of those keys.
1. configure a wrlinux 5 RCPL35 project based on any BSP, standard kernel/filesystem 2. On server side we create keys with following commands: /usr/bin/ssh-keygen -t ecdsa -b 256 -f /etc/ssh/ssh_host_ecdsa_256_key /usr/bin/ssh-keygen -t ecdsa -b 384 -f /etc/ssh/ssh_host_ecdsa_384_key /usr/bin/ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_521_key Then we add following entries in /etc/ssh/sshd_config: HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_ecdsa_256_key HostKey /etc/ssh/ssh_host_ecdsa_384_key HostKey /etc/ssh/ssh_host_ecdsa_521_key Then on client in /etc/ssh/ssh_config: HostKeyAlgorithms ecdsa-sha2-nistp384 When trying to connect from Client to Server using ssh command – Server during negotiation should offer ecdsa_384 key but it offers ecdsa_256 key (first from HostKey list probably) instead.
