Currently TPAM supports the Diffie Helman range of protocols.
2.5.909 - 2.5.915:
TPAM & DPA v3
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group-exchange-sha256
diffie-hellman-group-exchange-sha1
2.5.916+:
TPAM
In 2.5.916 TPAM's native SSH client has been updated to OpenSSH 7.2, which removed support for key lengths less than 2048.
diffie-hellman-group14-sha1
diffie-hellman-group-exchange-sha256
diffie-hellman-group-exchange-sha1 (with a modulus of 2048 or higher)
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
Hotfix_9114 can be installed to add support for diffie-hellman-group1-sha1.
DPA v3
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group-exchange-sha256
diffie-hellman-group-exchange-sha1
If using an unsupported KeyEx method on the target system, you will receive an error, when performing a "Test System", "Check Password" or "Reset Password, for example:
© 2025 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center