Authentication Tab - Advanced Secure Shell Settings

The options in this tab apply to Secure Shell sessions, and determine how host and user authentication are negotiated for the X client definition you are currently configuring.

Host authentication

Specify which authentication methods Reflection X Advantage can use to authenticate the host, and in what order.

In most cases, you don't need to modify the default configuration. However, if the host you are connecting to is configured to support both public key and certificate authentication and you haven't configured Reflection X Advantage to validate host certificates, you may see an error message saying "No PKI server configured". To resolve this problem without configuring PKI Services Manager, clear the X.509 certificate option or move it to the bottom of the list. Secure Shell protocol allows only one attempt to authenticate the host. By forcing public key authentication first, you can authenticate to the host using its public key.

X.509 certificate enables the following host authentication methods, which are attempted in this order: x509v3-rsa2048-sha256, x509v3-sign-rsa, x509v3-sign-dss.

SSH Public key enables the following host authentication methods, which are attempted in this order: ssh-rsa-sha2-256@attachmate.com, ssh-rsa, ssh-dss.

Edit Secure Shell Host Keys

Opens the Secure Shell Host Keys dialog box, which you can use to manage host keys and certificates. (This option is not available from the Administrative Console.)

User authentication

Specify one or more user authentication methods (Public key, Keyboard interactive, and Password) in order of preference.

Secure Shell protocol allows multiple attempts at user authentication. Reflection X Advantage attempts the selected authentication methods in order from top to bottom until the connection is successful or all supported methods have failed.

NOTE:Public key authentication requires configuration on both Reflection X Advantage and the host.

Always prompt for user key during public key authentication

This setting is relevant if you have configured authentication using public keys or certificates and more than one key or certificate is available. (This option is not available from the Administrative Console.)

When this setting is cleared, Reflection X Advantage displays a list of available keys only if you have not previously connected to a host. After you make a successful connection, Reflection X Advantage automatically uses the successful key or certificate for subsequent connections.

When this setting is selected, Reflection X Advantage always shows the list of available keys and certificates.

Edit Secure Shell User Keys

Opens the Secure Shell User Keys dialog box, which you can use to generate public/private key pairs, and to manage which keys or certificates are sent to the host for user authentication. (This option is not available from the Administrative Console.)