Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Adding and Modifying Pre-Shared Keys

A new entity will automatically have one pre-shared key. You can add new pre-shared keys to an entity by clicking the Add button on the top row of the key table. This adds a new row to the table, displaying the newly created shared secret.

Figure : Pre-shared keys listed

The Type field shows the type of the key - but currently only psk (for pre-shared key) is defined. The Use Count option gives the number of times that this key has been used successfully to enroll a certificate. (Certain policy functions and policy attributes restrict multiple uses of the same key.)

The Reference Number is a unique identification number for this secret, assigned by the SSH Tectia Certifier Engine. This ID is required by the CMP protocol, which uses it to identify the used secret.

The Key field contains the actual shared secret. This is a free-form text string that was randomly generated when the secret was created.

The key can be removed by clicking the Remove button on its table row.

Clicking the Edit button displays more information about the key.

Figure : The Pre-Shared Key page

On this page you can change the key's type and use count. Increasing the Use count can be useful in certain situations, if a well known end user has used the key, but for some reason wants to enroll another certificate with same key. However, the recommended way to do this is to generate a new shared secret and distribute it to the user in order to minimize the possibility of key misuse.

The actual key can also be changed either manually (by typing a new value to the text field) or by clicking the Generate New Secret button. By typing a key, you can allow the use of passwords (passphrases) generated by external systems instead of random character strings generated by SSH Tectia Certifier. These passwords should, however, be of sufficient length.

All changes made on this page are committed to Database by clicking the Commit Changes button on the bottom of the page. This will also return the view to the main entity page. Clicking the Cancel button will discard the changes and return the view directly to the main entity page.

PreviousNextUp[Front page] [Index]




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now