Chapter Contents |
Previous |
Next |
SAS/SHARE User's Guide |
Note: These options do not apply to hosts that use the
RSA BSAFE Crypto-J Toolkit. For Java client options, see other documentation
(such as the documentation about the SAS/CONNECT Driver for Java that is provided
with SAS/IntrNet software).
For hosts that use the RSA BSAFE
Crypto-C Toolkit or the Microsoft CryptoAPI, here are the SAS options that
set encryption services attributes.
By default, encryption is used if the NETENCRYPTALGORITHM= option is set and if both the local and remote sides are capable of encryption. If encryption algorithms were specified but either the local or the remote side is incapable of encryption, then encryption is not performed.
Encryption may not be supported at the local or at the remote host for these reasons:
The alias is NETENCRALG.
Set this option at the remote host and, optionally, at the local host to specify one or more encryption algorithms to use in a SAS session. However, the local and remote hosts must share an encryption algorithm in common. If you specify the option in the remote host session only, the local side attempts to select an algorithm that was specified at the remote host. If you also set the option at the local host and specify an algorithm that is not specified at the remote host, the attempt by the local host to connect to that remote host fails.
Valid values for this option are
RC2 | |
RC4 | |
DES | |
TripleDES | |
SAS Proprietary |
The alias is NETENCRKEY.
Valid values for this option are
128 | specifies 1024-bit RSA and 128-bit RC2 and RC4 key algorithms. |
40 | specifies 512-bit RSA and 40-bit RC2 and RC4 key algorithms. |
0 | no value is set. This is the default. |
If you require extra security, set NETENCRYPTKEYLEN=128. If you want to save CPU, set NETENCRYPTKEYLEN=40.
By default, if you try to connect to a host that is capable of only a 40-bit key algorithm with a host that is capable of both 40- bit and 128-bit, the connection using the lesser of the two key lengths is used. If both hosts are capable of 128-bit, then the 128-bit is used. To explicitly set one or the other, set the NETENCRYPTKEYLEN SAS option.
You set this option at either the local or the remote host. The default is NETMAC.
Chapter Contents |
Previous |
Next |
Top of Page |
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.