Your browser does not allow storing cookies. We recommend enabling them.

SSH

Host-Based User Authentication (Unix)

Host-based authentication uses the public host key of the client machine to authenticate a user to the remote server. Host-based authentication can be used with Tectia ConnectSecure on Unix. The remote Secure Shell server can be either a Unix, Windows, or z/OS server.

Setting up host-based authentication usually requires administrator (root) privileges on the server. The setup is explained in the Tectia Server Administrator Manual.

[Note]Note

On AIX, for host-based authentication to work in FIPS mode, an administrator must copy the libcrypto.a file (or a symlink to it) to /usr/lib/ or /lib/. This is required because on AIX, when a binary has the setuid (set user ID upon execution) access right flag, the linker is able to load libraries only from these two directories.


 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now