Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Adding and Modifying Pre-Shared Keys

A new entity will automatically have one pre-shared key. You can add new pre-shared keys to an entity by clicking the Add button on the top row of the key table. This adds a new row to the table, displaying the newly created shared secret.


gui-presharedkeys-15.gif
Figure : Pre-shared keys listed

The Type field shows the type of the key - but currently only psk (for pre-shared key) is defined. The Use Count option gives the number of times that this key has been used successfully to enroll a certificate. (Certain policy functions and policy attributes restrict multiple uses of the same key.)

The Reference Number is a unique identification number for this secret, assigned by the SSH Tectia Certifier Engine. This ID is required by the CMP protocol, which uses it to identify the used secret.

The Key field contains the actual shared secret. This is a free-form text string that was randomly generated when the secret was created.

The key can be removed by clicking the Remove button on its table row.

Clicking the Edit button displays more information about the key.


gui-presharedsecret-16.gif
Figure : The Pre-Shared Key page

On this page you can change the key's type and use count. Increasing the Use count can be useful in certain situations, if a well known end user has used the key, but for some reason wants to enroll another certificate with same key. However, the recommended way to do this is to generate a new shared secret and distribute it to the user in order to minimize the possibility of key misuse.

The actual key can also be changed either manually (by typing a new value to the text field) or by clicking the Generate New Secret button. By typing a key, you can allow the use of passwords (passphrases) generated by external systems instead of random character strings generated by SSH Tectia Certifier. These passwords should, however, be of sufficient length.

All changes made on this page are committed to Database by clicking the Commit Changes button on the bottom of the page. This will also return the view to the main entity page. Clicking the Cancel button will discard the changes and return the view directly to the main entity page.


PreviousNextUp[Front page] [Index]


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more