Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]


All persons who are allowed to operate SSH Tectia Certifier must have an operator account created for them. Operators are identified with a short login name and a password (if TLS client authentication is not used). However, in most situations the most crucial identification method is the operator's TLS certificate.

This certificate can be stored on the operator's personal workstation, or on a cryptographic token such as a smart card.

If software storage is used, the security and the integrity of the used operating system is very important. Normally browsers can be configured to protect the private keys with a password when the private key is generated during web enrollment. Using this security feature is highly recommended.

Note also that if the certificates used for TLS client authentication are stored in the workstation, an operator can login only from the specific workstation that stores the key.

The aforementioned problems can be avoided by creating the keys on a smart card.

Adding Operators

Editing the Operator Information

Operator Access Control Levels

PreviousNextUp[Front page] [Index]




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now