Public Key Pane

Getting there

Use the Public Key pane to configure user authentication using public keys.

Note: Items on this pane can be configured globally or as part of a subconfiguration.

Public key authentication

 

Allow/Require/Deny

Allow is the default.

Public key storage

 

User key directory

Specifies the directory used for storing user public keys on the server. You can specify any physical directory, or use one of the following pattern strings to specify user-specific directories. For details see Pattern Strings in Directory Paths.

 

 

%D

The user's User profile folder.

 

 

%H

The user's Home folder.

 

 

%u

The user’s login name.

 

 

%U

The user's domain name and login in the format domain.username.

 

 

Note: Do not use %u or %U to point to a location within a user's Windows profile folder. Neither of these options works correctly for this purpose. Use these options to create your own user-specific locations in some other location, for example on a shared network file server. For details, see Pattern Strings in Directory Paths.

 

Authorization file name

The name of the file in the user key directory that contains a list of public keys that can be used for user authentication. The default name is authorization.

Size

 

Public key minimum length (bits)

Specifies the minimum allowable key size. The default is 512. Allowed values are 512-8192.

 

Public key maximum length (bits)

Specifies the maximum allowable key size. The default is 8192. Allowed values are 512-8192.

Retries

 

Number of public key attempts

Specifies the maximum number of attempts the server accepts for public key authentication. Once this number is reached, further attempts to authenticate using a public key are rejected, but the connection is not broken. This allows the client to attempt authentication using the next allowed method. The default is 100.

Related Topics

Configure Public Key User Authentication: Reflection for Secure IT Client for Windows

Configure Public Key User Authentication: Reflection for Secure IT Client for UNIX

Record and Use Cached Credentials

User Authentication