Show Contents / Index / Search
Host Keys Tab (Secure Shell Settings)

Getting there

Use the Host Keys tab to manage the keys that authenticate the host to your client session. You can use this tab to view the list of trusted hosts, add or delete host keys, and specify how you want Reflection to handle unknown hosts.

Host authentication enables the Secure Shell client to reliably confirm the identity of the Secure Shell server. This authentication is done using public key authentication. If the host public key has not previously been installed on the client, the first time you attempt to connect you see a message indicating that this is an unknown host. This message includes a fingerprint that identifies the host. To be sure that this is actually your host, you should contact the host system administrator who can confirm that this is the correct fingerprint. Until you know that the host is actually your host, you are at risk of a "man-in-the-middle" attack, in which another server poses as your host. If you select Always in response to this prompt, the host is added to the Trusted Host Keys list. To avoid the need to contact the host administrator, you can add host keys to the the Trusted Host Keys list before the first connection.

The options are:

 

Enforce strict host checking

Specifies how Reflection should handle host key checking when connecting to an unknown host.

 

Prefer ssh keys over certificates

Specifies Reflection's order of preference for host key algorithms. When this setting is unselected (the default), Reflection requests host certificates before host keys. When this setting is selected, Reflection requests host keys before host certificates.

 

Trusted Host Keys

Displays a list of trusted hosts for the current Windows user. You can modify the contents of this list using Import and Delete.

By default, when you attempt a connection to a host that is not on this list, you are asked if you want to trust the new host key. If you select Always in response to this prompt, the host is added to the Trusted Host Keys list.

 

Import

Adds a host's public key to your Trusted Host Keys list.

 

Delete

Removes the selected key from your Trusted Host Keys list.

Caution: You will see no confirmation prompt and this action cannot be undone.

 

Global Host Keys

Displays a list of trusted host keys that are available to all users of the computer. Items on this list can be viewed but not edited.

System administrators can modify the Global Host Keys list using the global known hosts file.