Identity Tab

Getting there

Use the Identity tab to configure server authentication.

Host Key

 

Private key

Specifies the filename and location of the private key used to authenticate the server.

 

Key comment

Displays comment text, which includes identifying information about the key.

 

SHA1 fingerprint

Displays the SHA1 hash for this key. Use this value to confirm the host identity when a client displays an unknown host fingerprint using SHA1 (also called Bubble Babble) format.

 

MD5 fingerprint

Displays the MD5 hash for this key. This is the hexadecimal value of the public key. Use this value to confirm the host identity when a client displays an unknown host fingerprint using MD5 format.

 

Generate

Opens the Generate Host Private Key dialog box, from which you can create a new host key.

 

Export

Uses the host private key to create the associated public key. You can add the exported key to a client's trusted host store.

Use host certificate

 

Use host certificate

When this option is cleared (the default), the server always authenticates using its public key.

When this option is selected, the server can authenticate using either its public key or a host certificate. (The authentication method used depends on the client configuration).

 

 

Use the local computer certificate from the Windows certificate store

Select this option to use a local computer certificate from the Windows certificate store.

Click Browse to select a certificate from this store.

Click View to view the contents of the selected certificate.

Note: When you specify a certificate from the Windows certificate store, the setting is valid only on the current computer (or other computers with an identical certificate installed); if you copy your server configuration file to a different system, you need to reconfigure the certificate setting on that system.

 

 

Use the following certificate

Select this option to authenticate using a certificate in a file available on your system. You can use this option with either of the following:

  • A PKCS #12 file (*.pfx or *.p12) that includes both the certificate and the associated private key.
    -or-
  • A certificate file (*.cer) and its associated private key.

     

 

Private key

Specify the filename and location of a private key, or a PKCS#12 file that includes the private key.

Note: The private key used for host authentication cannot be passphrase-protected.

 

 

Certificate

 

Specify the name and location of the certificate.

  • If you specify a PKCS#12 file for Private key, the certificate is automatically exported, and the correct name and location are entered automatically.
  • If the client is not configured for certificate authentication, the server uses public key authentication, even if you have configured certificate authentication on the server.

 

Server version string

 

Server version string

A two-part string sent to the client when a connection is made.

The first part of the string (SSH-2.0-) consists of the SSH version supported by the server, and cannot be edited. The second portion of the string is handled as follows:

 

 

If you

This occurs

 

 

Do not edit this string

The value is generated automatically, and includes the server's build number. This number will be updated automatically when you upgrade your server software.

Note: This value is not saved in the configuration file.

 

 

 

Edit this string

The edited value is saved to your configuration file, and your edited string is not affected by subsequent software upgrades.

 

 

Note: Many Secure Shell clients use the server version string to identify the server manufacturer and modify client behavior to match the server type. If you edit this string, users may encounter unexpected client functionality.

Related Topics

Server Authentication

Configure Public Key Host Authentication

Configure Certificate Server Authentication