Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Secure Application Connectivity with Application Login

When SSH Tectia is used only to secure business applications (tunneling), it is not always necessary to implement strong user authentication with the SSH Tectia client/server solution. If it is acceptable from the security policy point of view to rely on the security of the application's own login mechanism, there is no need to require end users to perform double login (first to SSH Tectia Server, then to the application itself).

In this use scenario, the added value created by SSH Tectia is:

  • Confidentiality and integrity is provided to application traffic.

  • Passwords used for application login are encrypted in transit.

Note that in this use scenario SSH Tectia may be used in conjunction with a single sign-on (SSO) solution, which eliminates the need to sign on separately to each application.

User-specific authentication can be avoided by creating a common global account for a group of users, with rights to establish tunnels only (specifically no terminal or file access is allowed). The corresponding username and password can then be distributed with SSH Tectia Manager to those (SSH Tectia Connector) users that need to access business applications running on the servers (SSH Tectia Server with Tunneling Expansion Pack). SSH Tectia Connector can then automatically connect to the server with the common user group credentials without the need to prompt the user for any login credentials. Therefore, from the end-user point of view there is no visible additional authentication.

Figure 5.3 shows a network diagram of this use scenario.

Secure application connectivity with application login

Figure 5.3. Secure application connectivity with application login

See also Securing SAP GUI with SSH Tectia Connector Compatibility Note at




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now