User Authentication for Secure Shell Sessions

User authentication enables the Secure Shell server to reliably confirm the identity of the Reflection X Advantage user.

Reflection X Advantage supports three methods of user authentication: public key, keyboard interactive, and password. By default all three methods are allowed — new Secure Shell sessions first try to authenticate by public key method, then try the keyboard interactive method, and finally use a password prompt. To change the allowed authentication methods, use the Authentication tab of the Advanced Secure Shell Settings dialog box.

Password and Keyboard Interactive Authentication

Both of these authentication methods prompt the user for information during the connection process. With password authentication the prompt will always be for the user password. With keyboard Interactive authentication the prompts depend on the host and may include a simple password prompt or may ask for other information. Both of these authentication methods are available by default and require no additional configuration.

Public Key Authentication

With public key authentication, the user holds a public/private key pair and sends the public key to the host during the authentication process. You can create key pairs using Reflection X Advantage. You also need to upload your public key to the host and configure the server to use this key for user authentication. For more information, see Configure User Key Authentication.

Certificate Authentication

Like public key authentication, certificate authentication uses public/private key pairs to verify the host identity. However, with certificate authentication, public keys are contained within digital certificates. Reflection X Advantage supports user certificate authentication. To configure this, you need access to a personal certificate and its corresponding private key. You can configure Reflection X Advantage to authenticate using any of the following:

  • Certificates you have imported into the Reflection X Advantage database.
  • Personal certificates in the Windows Certificate Store.
  • Certificates stored on PKCS#11-compliant hardware devices such as smart cards or USB tokens.

To use certificate authentication, you need to configure both Reflection X Advantage and the Secure Shell server on the host computer. For more information, see Configure User Certificate Authentication.

Related Topics

Set Up Secure Shell (SSH) Connections

Configure User Key Authentication

Configure User Certificate Authentication

Secure Shell User Keys Dialog Box

Secure Shell Connection Method