Browser/SSH Client Compatibility

Minimum Requirements

With the factory default settings (equivalent to a factory reset), the device security setting (policy = None) favors interoperability, but may restrict access to certain Web browsers and SSH clients.
Before beginning the hardening procedure, you should make sure that you are able to configure your SSH client to be compatible with the following:

• Version: SSH2

• KeyExchange: diffie-helmann-group14-sha1

• PublicKey: RSA 2048 bits

• Cipher: AES-128-CTR

• HMAC: HMAC-SHA2-256
  

Browser Compatibility with Cipher Suites

Before making a hardened device available to network users, you should verify browser compatibility (TLS 1.0 to TLS 1.2) with the following (minimal) list of cipher suites, assuming an RSA certificate is used:

• TLS_RSA_WITH_AES_128_CBC_SHA

• TLS_RSA_WITH_AES_128_GCM_SHA256

• TLS_DHE_RSA_WITH_AES_128_CBC_SHA

• TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

• TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

• TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

Supported Browsers

The following browsers are known to work with the Makito X in its factory default state:

• Windows

  • Chrome 46.0 or later

  • Firefox 41.0.2 or later

  • Internet Explorer 11.0

• Mac OS X

  • Safari 9.0 or later

Supported SSH Clients

The following SSH clients are known to work with the Makito X in its factory default state:

• Windows

  • PuTTY 0.64

Supported Cipher Suites

To obtain a list of the cipher suites supported by a given browser, use it to browse to one of the following URLs: