Show Contents / Index / Search

Connect using Secure Shell (SSH)

You can configure Secure Shell connections when you need secure, encrypted communications between a trusted host and your PC over an insecure network. Secure Shell connections ensure that both the client user and the host computer are authenticated; and that all data is encrypted. Passwords are never sent over the network in a clear text format as they are when you use Telnet, FTP, or rlogin. You can use this procedure to connect securely to UNIX and Linux hosts.

Note: Secure Shell connections are available for VT terminal sessions.

Before you start

By default, Secure Shell connections use public key authentication for the host and username/password authentication for the user. To configure a connection using these defaults, you need to make sure your system has a Secure Shell server or servers and that you know the following information:

  • The host name.
  • The User name and password.
  • The port used by the Secure Shell server (the default is 22).

To configure a secure terminal session using Secure Shell (SSH)

  1. Open the Create New Document dialog box.
  2. From the Create New Document dialog box, select the VT Terminal template and click Create.
  3. In the Create New dialog box, under Connection:
    • Select Secure Shell.

      The Port value changes to 22, which is the standard port for Secure Shell connections. If you need to connect to a different port, select Configure additional settings, or use the procedure below to change the default Secure Shell settings.

    • Enter the Host name/IP address.
    • Enter your User name.
  4. Click OK.
  5. The first time you connect, you are prompted to verify the host hey authenticity. Verify the host key fingerprint and select Always.

    Note: Host authentication (performed with public key authentication) enables the Secure Shell client to reliably confirm the identity of the Secure Shell server. If the host public key is not installed on the client, the host fingerprint is displayed and users are prompted to contact the system administrator to verify the fingerprint. This confirmation prevents risk of a "man-in-the-middle" attack, in which another server poses as the host. After the host key is added to the client, Attachmate Reflection 2011 can authenticate the server without requiring user confirmation, and the unknown host prompt does not appear again. The key is saved in a file called known_hosts, which is created in the folder personal_documents_folder\Attachmate\Reflection\.ssh.

  6. When prompted, enter your password.
  7. Click the Save button on the Quick Access toolbar and save the session document.

    The file is saved in [PersonalFolder]\Attachmate\Reflection.

To configure non-default Secure Shell settings

  1. Open a session that you have configured to use Secure Shell. Disconnect if you are connected.
  2. Open the Document Settings dialog box.
  3. Under Host Connection, click Set up Connection Security.
  4. In the Reflection Secure Shell Settings dialog box, configure any non-default settings and then click OK.


  • When you click OK, changes to the default settings are saved in the Secure Shell config file in [PersonalFolder]\Attachmate\Reflection\.ssh
  • If you want to deploy the session to all users of a computer, first rename the config file to ssh_config and the known_hosts file to ssh_known_hosts.

Related Topics

Configure Secure Shell Settings

Connect Using Secure Shell (FTP Client)

Managing Host Keys