Show Contents / Index / Search

Public Key Pane

Getting there

Use the Public Key pane to configure user authentication using public keys.

Note: Items on this pane can be configured globally or as part of a subconfiguration.

Public key authentication



Allow is the default.

Public key storage


User key directory

Specifies the directory used for storing user public keys on the server. You can specify any physical directory, or use one of the following pattern strings to specify user-specific directories. For details see Pattern Strings in Directory Paths.




The user's User profile folder.




The user's Home folder.




The user’s login name.




The user's domain name and login in the format domain.username.



Note: Do not use %u or %U to point to a location within a user's Windows profile folder. Neither of these options works correctly for this purpose. Use these options to create your own user-specific locations in some other location, for example on a shared network file server. For details, see Pattern Strings in Directory Paths.


Authorization file name

The name of the file in the user key directory that contains a list of public keys that can be used for user authentication. The default name is authorization.



Public key minimum length (bits)

Specifies the minimum allowable key size. The default is 512. Allowed values are 512-8192.


Public key maximum length (bits)

Specifies the maximum allowable key size. The default is 8192. Allowed values are 512-8192.



Number of public key attempts

Specifies the maximum number of attempts the server accepts for public key authentication. Once this number is reached, further attempts to authenticate using a public key are rejected, but the connection is not broken. This allows the client to attempt authentication using the next allowed method. The default is 100.

Related Topics

Configure Public Key User Authentication: Reflection for Secure IT Windows Clients

Configure Public Key User Authentication: Reflection for Secure IT UNIX Clients

Record and Use Cached Credentials

User Authentication