Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

User Authentication with Public Keys

Public-key authentication is based on the use of digital signatures and provides very good authentication security. To use public-key authentication, the user must first create a key pair on the client, and upload the public key to the server. The default directory for the user's public keys is $HOME/.ssh2/authorized_keys on Unix and %USERPROFILE%\.ssh2\authorized_keys on Windows. The default location can be changed with the authorized-keys-directory attribute in the ssh-server-config.xml file. See auth-publickey.

To enable public-key authentication on the server, the authentication-methods element of the ssh-server-config.xml file must contain an auth-publickey element. For example:

<authentication-methods>
  <authentication action="allow">
    <auth-publickey authorized-keys-directory="%D/.ssh2/authorized_keys" />
    ...
  </authentication>
</authentication-methods>  

Also other authentication methods can be allowed.

By using selectors, it is possible to allow or require public-key authentication only for a specified group of users. See the section called “Selectors” for more information.

On Windows, using the SSH Tectia Server Configuration tool, public-key authentication can be allowed on the Authentication page. See Authentication.


 

 
PrivX
 

 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now