Learn Editor: Update set-up-fips-compliant-secure-remote-linux-development.md

snehara99 · snehara99 · commit c99736151e4d · 2024-12-12T14:07:41.000-05:00
diff --git a/docs/linux/set-up-fips-compliant-secure-remote-linux-development.md b/docs/linux/set-up-fips-compliant-secure-remote-linux-development.md
@@ -48,7 +48,7 @@ The examples in this article use Ubuntu 18.04 LTS with OpenSSH server version 7.
    ```
 
    > [!NOTE]
-   > `ssh-rsa` is the only FIPS compliant host key algorithm VS supports. The `aes*-ctr` algorithms are also FIPS compliant, but the implementation in Visual Studio isn't approved. The `ecdh-*` key exchange algorithms are FIPS compliant, but Visual Studio doesn't support them.
+   > `ssh-rsa`, `rsa-sha2-*`, `ecdsa-sha2-*` are the only FIPS compliant host key algorithms VS supports. For more information about what algorithms Visual Studio supports, see [Supported SSH Algorithms](./connect-to-your-remote-linux-computer.md#supported-ssh-algorithms).
 
    You're not limited to these options. You can configure `ssh` to use other ciphers, host key algorithms, and so on. Some other relevant security options you may want to consider are `PermitRootLogin`, `PasswordAuthentication`, and `PermitEmptyPasswords`. For more information, see the `man` page for `sshd_config` or the article [SSH Server Configuration](https://www.ssh.com/ssh/sshd_config).
 
@@ -58,35 +58,35 @@ The examples in this article use Ubuntu 18.04 LTS with OpenSSH server version 7.
    sudo service ssh restart
    ```
 
-Next, you'll create an RSA key pair on your Windows computer. Then you'll copy the public key to the remote Linux system for use by `ssh`.
+Next, you'll create an ECDSA key pair on your Windows computer. Then you'll copy the public key to the remote Linux system for use by ssh.
 
-### To create and use an RSA key file
+### To create and use an ECDSA key file
 
-1. On the Windows machine, generate a public/private RSA key pair by using this command:
+1. On the Windows machine, generate a public/private ECDSA key pair by using this command:
 
    ```cmd
-   ssh-keygen -t rsa -b 4096 -m PEM
+   ssh-keygen -t ecdsa -m PEM
    ```
 
-   The command creates a public key and a private key. By default, the keys are saved to *`%USERPROFILE%\.ssh\id_rsa`* and *`%USERPROFILE%\\.ssh\\id_rsa.pub`*. (In PowerShell, use `$env:USERPROFILE` instead of the cmd macro `%USERPROFILE%`) If you change the key name, use the changed name in the steps that follow. We recommend you use a passphrase for increased security.
+   The command creates a public key and a private key. By default, the keys are saved to %USERPROFILE%\.ssh\id_ecdsa and %USERPROFILE%\.ssh\id_ecdsa.pub. (In PowerShell, use $env:USERPROFILE instead of the cmd macro %USERPROFILE%) Keys generated with RSA are also supported. If you change the key name, use the changed name in the steps that follow. We recommend you use a passphrase for increased security.
 
 1. From Windows, copy the public key to the Linux machine:
 
    ```cmd
-   scp %USERPROFILE%\.ssh\id_rsa.pub user@hostname:
+   scp %USERPROFILE%\.ssh\id_ecdsa.pub user@hostname:
    ```
 
 1. On the Linux system, add the key to the list of authorized keys, and ensure the file has the correct permissions:
 
    ```bash
-   cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
+   cat ~/id_ecdsa.pub >> ~/.ssh/authorized_keys
    chmod 600 ~/.ssh/authorized_keys
    ```
 
 1. Now, you can test to see if the new key works in `ssh`. Use it to sign in from Windows:
 
     ```cmd
-    ssh -i %USERPROFILE%\.ssh\id_rsa user@hostname
+    ssh -i %USERPROFILE%\.ssh\id_ecdsa user@hostname
     ```
 
 You've successfully set up `ssh`, created and deployed encryption keys, and tested your connection. Now you're ready to set up the Visual Studio connection.
@@ -100,11 +100,11 @@ You've successfully set up `ssh`, created and deployed encryption keys, and test
 1. In the Connection Manager dialog, choose the **Add** button to add a new connection.
 
    ![Screenshot showing the options pane in the Connection Manager dialog. Cross Platform > C plus plus > Connection Manager is highlighted.](media/settings_connectionmanager.png)
-
-   The **Connect to Remote System** window is displayed.
+   
+      The **Connect to Remote System** window is displayed.
 
    ![Screenshot showing the Connect to Remote System window, which has text boxes for the host name, port, user name, auth type, and password.](media/connect.png)
-
+   
 1. In the **Connect to Remote System** dialog, enter the connection details of your remote machine.
 
    | Entry | Description |
@@ -125,8 +125,8 @@ You've successfully set up `ssh`, created and deployed encryption keys, and test
    If the connection fails, the entry boxes that need to be changed are outlined in red.
 
    ![Screenshot of the Connect to Remote System window which has host name and port text boxes outlined in red to indicate they need to be changed.](media/settings_connectionmanagererror.png)
-
-   For more information on troubleshooting your connection, see [Connect to your remote Linux computer](connect-to-your-remote-linux-computer.md).
+   
+      For more information on troubleshooting your connection, see [Connect to your remote Linux computer](connect-to-your-remote-linux-computer.md).
 
 ## Command-line utility for the Connection Manager  
 
