Show Contents / Index / Search

Public Key Pane

Getting there

Use the Public Key pane to configure user authentication using public keys.

Note: Items on this pane can be configured globally or as part of a subconfiguration.

Public key authentication

 

Allow

Public keys can be used for client authentication, but are not required.

 

Require

Clients must present a valid public key to connect.

 

Deny

Clients must use some other authentication method besides Public Key to connect.

Public key storage

 

User key directory

Specifies the directory used for storing user public keys on the server. You can specify any physical directory, or use one of the following pattern strings to specify user-specific directories. For details see Pattern Strings in Directory Paths.

 

 

%D

The user's User profile folder .

 

 

%H

The user's Home folder.

 

 

%u

The user's login name.

 

 

%U

The user's domain name and login in the format domain.username.

 

 

Note: Do not use %u or %U to point to a location within a user's Windows profile folder. Neither of these options works correctly for this purpose. Use these options to create your own user-specific locations in some other location, for example on a shared network file server. For details, see Pattern Strings in Directory Paths.

 

Authorization file name

The name of the file in the user key directory that contains a list of public keys that can be used for user authentication. The default name is authorization.

Size

 

Public key minimum length (bits)

Specifies the minimum allowable key size. The default is 512. Allowed values are 512-8192.

 

Public key maximum length (bits)

Specifies the maximum allowable key size. The default is 8192. Allowed values are 512-8192.

Subconfiguration Features

 

Reload inherited settings

Removes subconfiguration-specific values from all settings on this pane. All settings values revert to their current inherited state.

Note: This change is not finalized until you save your configuration using File > Save.

 

non-inherited setting icon (asterisk) (asterisk)

Indicates that the value of a setting is specific to the current subconfiguration. The server always applies the specified value, regardless of any subsequent changes you make to global or inherited settings.

Related Topics

Configure Public Key User Authentication: Reflection for Secure IT Windows Clients

Configure Public Key User Authentication: Reflection for Secure IT UNIX Clients

Use Cached Passwords with Public Key Authentication

Client Authentication