Your browser does not allow storing cookies. We recommend enabling them.


Connection Broker Configuration

For users of Tectia Client, the most relevant and most typically needed item to configure for the Connection Broker are the connection profile settings. All other settings are typically configured by system administrators.

It is advisable to create connection profiles for servers where you will need to connect repeatedly. The profiles contain the server ID, your user name on that server, and information on the authentication method to be used.

In general, the following aspects can be configured for the Connection Broker:

Secure connection details

These settings define how Tectia Client will establish the secure connections to the remote servers, for example: what type of a connection will be opened, what authentication methods will be applied, will a proxy be used and is tunneling allowed.

User and server authentication methods

The user authentication settings define the methods Tectia Client will use when sending user authentication data to the remote servers. The Tectia Connections Configuration GUI includes a public-key wizard (on Linux and Windows) that helps in creating and uploading public keys to the servers.

The server authentication settings define how the remote servers will be authenticated by Tectia Client.

Tunneling of connections

Tunnels can be defined to secure all or some TCP applications and FTP connections. It is also possible to allow forwarding of X11 sessions and SSH connections from one remote server to another.


The first things to configure are the user authentication settings (creating public keys for the users and uploading them to remote servers) and creating connection profiles for servers where you will need to connect repeatedly.

For instructions on defining the authentication settings, see Chapter 4, and for the authentication-related options in the configuration file, see authentication-methods.

For instructions on creating connection profiles via the GUI, see Defining Connection Profiles, and about adding connection profiles directly into the configuration file, see the section called “The profiles Element”.

For a detailed description of the Connection Broker configuration options, see Appendix A.


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more