Configure Kerberos (SFTP Connections)

If you are configuring SFTP connections, you can use Kerberos for authentication.

To configure Kerberos authentication for SFTP sessions

  1. Start the FTP Client.

    This opens the Connect to FTP Site dialog box. (If the FTP Client is already running and this dialog box is not open, go to Connection > Connect.)

  2. Perform one of the following tasks:

    To

    Do This

    Create a new site

    From the Connect to FTP Site dialog box, click New.

    In the Add FTP Site dialog box, enter the name or IP address of your FTP server host, and then click Next.

    In the Login Information dialog box, select User.

    Modify an existing site

    From the Connect to FTP Site dialog box, select a site.

  3. Click Security.

  4. Click the Secure Shell tab.

  5. Select Use Reflection Secure Shell.

  6. (Optional) Specify an SSH config scheme. (If you leave SSH config scheme blank, Reflection saves any changes you make to an SSH configuration scheme with the same name as the current host.)

  7. Click Configure.

  8. On the General tab, under User Authentication, select GSSAPI/Kerberos.

  9. Click the GSSAPI tab.

  10. Configure GSSAPI authentication.

    When SSPI is selected, Reflection uses your Windows domain login credentials to authenticate to the Secure Shell server. Selecting SSPI as your GSSAPI provider configures Reflection to authenticate using Microsoft's Security Support Provider Interface (SSPI).

    When Reflection Kerberos is selected, Reflection uses the Reflection Kerberos client for Kerberos/GSSAPI authentication. Before you can make connections using the Reflection Kerberos client, you must configure Reflection Kerberos on your computer. You can use the Configure button to configure Kerberos if it has not yet been configured on your system, or to modify your existing Kerberos configuration.

  11. Perform one of the following tasks:

    If you are

    Do This

    Creating a new site

    Click OK to close the Security Properties dialog box and then click Next.

    In the FTP User Login dialog box, type your user name on the FTP server and then click Next.

    Click Finish.

    Modifying an existing site

    Click OK to close the open dialog boxes.

NOTE:Kerberos support is not available with the Reflection FTP Client that ships as part of Reflection NFS Client (full product).