Your browser does not allow storing cookies. We recommend enabling them.

Tectia

User Authentication with Passwords

The password authentication method is set up by default, so it is easy to implement and requires no configuring. Since all communication is encrypted, passwords are not available for eavesdroppers.

On Windows, Tectia Server does not need a user management program of its own – the user accounts are created with the standard Windows User Manager.

Tectia Server will record a login failure for each failed password authentication attempt.

On Windows, password authentication uses the Windows password to authenticate the user at login time.

On a Unix system, password authentication uses the /etc/passwd or /etc/shadow file, depending on how the passwords are set up. The shadow password files can be used on Linux and Solaris servers, but not on HP-UX or AIX servers.

To enable password authentication on the server, the authentication-methods element of the ssh-server-config.xml file must contain an auth-password element. For example:

<authentication-methods>
  <authentication action="allow">
    <auth-password failure-delay="2" max-tries="3" />
    ...
  </authentication>
</authentication-methods>  

Also other authentication methods can be allowed.

By using selectors, it is possible to allow or require password authentication only for a specified group of users. For more information, see Using Selectors in Configuration File.

Using the Tectia Server Configuration tool, password authentication can be allowed on the Authentication page. See Authentication.

[Note]Note

Passwords can also be used as a submethod in keyboard-interactive authentication. For more information, see Password Submethod.


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more