Host-based authentication uses the public host key of the client machine to authenticate a user to the remote server. Host-based authentication can be used with Tectia ConnectSecure on Unix. The remote Secure Shell server can be either a Unix, Windows, or z/OS server.
Setting up host-based authentication usually requires administrator (root) privileges on the server. The setup is explained in the Tectia Server Administrator Manual.
On AIX, for host-based authentication to work in FIPS mode, an administrator must copy the libcrypto.a file (or a symlink to it) to /usr/lib/ or /lib/. This is required because on AIX, when a binary has the setuid (set user ID upon execution) access right flag, the linker is able to load libraries only from these two directories.
Copyright 2018 SSH Communications Security Corporation This software is protected by international copyright laws. All rights reserved. Contact Information
What to read next:
Reduce Secure Shell risk. Get to know the NIST 7966.
The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government. Download now
ISACA Practitioner Guide for SSH
With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community. Download now