Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server (M) >>
    Using SSH Tectia Server (M) >>
    Troubleshooting SSH Tectia Server (M) >>
    Configuration >>
    Authentication >>
        Server Authentication with Public Keys >>
        Server Authentication with Certificates >>
        User Authentication with Passwords
        User Authentication with Public Keys >>
        User Authentication with Certificates >>
        Host-Based User Authentication >>
        User Authentication with Keyboard-Interactive >>
            Client Configuration
            Server Configuration
            Pluggable Authentication Module (PAM) Submethod
            RSA SecurID Submethod
            RADIUS Submethod
        User Authentication with GSSAPI >>
    Application Tunneling >>
    Sample Files >>
    Man Pages
    Log Messages >>

Server Configuration

Keyboard-Interactive is not enabled by default on the server. To set up Keyboard-Interactive authentication, do the following steps:

  1. Include the following line in the /etc/ssh2/sshd2_config file:
    AllowedAuthentications   keyboard-interactive
    Also other authentication methods can be listed.
  2. The submethods and policy for Keyboard-Interactive are configured as follows:
    AuthKbdInt.Required       plugin
    AuthKdbInt.Optional       pam,password,radius
    AuthKbdInt.NumOptional    1
    AuthKbdInt.FailureTimeout 2
    AuthKbdInt.Plugin         ssh-securidv5-plugin

    The default number of optional submethods that must be passed is 0, although if no required submethods are specified, the client must always pass at least one optional submethod.

    AuthKbdInt.Plugin is used to specify the program that is used by the plugin submethod in Keyboard-Interactive. SSH Tectia Client and Server converse with this program using a line-based protocol.

    See the sshd2_config man pages for more information on the keywords. See Sections PAM, SecurID, and RADIUS for specific instructions on setting up the different submethods.

  3. Restart the server as instructed in Section Starting the Server.

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2005 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice