Configure Public Key User Authentication: Reflection for Secure IT Client for UNIX

Public key authentication for Reflection for Secure IT Client for UNIX requires both client and server configuration. Here's a quick overview of the main steps involved. The details are explained in the procedures that follow.

  1. Create a key pair on the client.

  2. Add a line to the client identification file (~/.ssh2/identification) that identifies the private key.

  3. Copy the public key to the user's directory on the server (~/.ssh2).

  4. Add a line to the user's authorization file (~/.ssh2/authorization) on the server that identifies the public key.

To configure the Reflection for Secure IT Client for UNIX

  1. Generate a public/private key pair using the ssh-keygen utility. For example:

    ssh-keygen mykey

  2. In a text editor, open (or create) the client identification file. The default name and location for this file is ~/.ssh2/identification.

  3. Add a line to the client identification file that identifies the private key you created (using the format "IdKey" for the key entry, followed by the name of the private key file). For example:

    IdKey /home/joe/mykey
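
A quick check for the client steps above, as an added example that is not part of the vendor documentation: it confirms that every IdKey entry in the identification file points to a file that exists and, optionally, that the private key is not accessible to group or others. The function name check_key_entries, the case-insensitive keyword match, the rule that relative names resolve against the file's own directory, and the owner-only permission check are assumptions of this example, not statements from the product documentation.

```shell
#!/bin/sh
# Added example (not vendor code): audit an ssh2-style key list file.
# check_key_entries FILE KEYWORD [private]
#   FILE     e.g. ~/.ssh2/identification
#   KEYWORD  e.g. IdKey (matched case-insensitively: an assumption)
#   private  if given, also flag keys accessible to group or others
# Prints one line per problem. Returns 0 if clean, 1 if any problem was
# found, 2 if FILE cannot be read.
check_key_entries() {
    file=$1 keyword=$2 mode=${3:-}
    [ -r "$file" ] || { echo "unreadable: $file"; return 2; }
    dir=$(dirname "$file")
    want=$(printf '%s' "$keyword" | tr '[:upper:]' '[:lower:]')
    problems=0 entries=0
    # The "|| [ -n ... ]" keeps a final line that lacks a trailing newline.
    while read -r word path || [ -n "$word" ]; do
        word=$(printf '%s' "$word" | tr '[:upper:]' '[:lower:]')
        [ "$word" = "$want" ] || continue
        entries=$((entries + 1))
        # Assumption: a relative name is resolved against FILE's directory.
        case $path in /*) ;; *) path=$dir/$path ;; esac
        if [ ! -f "$path" ]; then
            echo "missing: $path"; problems=$((problems + 1))
        elif [ "$mode" = private ] &&
             [ "$(ls -ld "$path" | cut -c5-10)" != "------" ]; then
            # Characters 5-10 of the ls mode string are the group/other bits.
            echo "too permissive: $path"; problems=$((problems + 1))
        fi
    done < "$file"
    [ "$entries" -gt 0 ] || { echo "no $keyword entries in $file"; problems=1; }
    [ "$problems" -eq 0 ]
}
# Usage: check_key_entries "$HOME/.ssh2/identification" IdKey private
```

The same function can be pointed at an authorization file with the keyword key (omit the third argument, since those entries name public keys) wherever a POSIX shell is available.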

To configure public key user authentication on the Reflection for Secure IT Server for Windows

  1. Start the server console, and then click Configuration.

  2. Go to Authentication > Public Key and select either Allow or Require.

  3. (Optional) From the User key directory box, specify a folder in which to store user public keys. By default, the server looks for keys in an .ssh2 subfolder in the user folder. The user profile folder is configurable by the Windows system administrator. The default is: \Users\username.

    NOTE: This folder must be SFTP-accessible.

  4. (Optional) Specify a filename for the authorization file. By default, the server uses the name authorization.

  5. Copy the client public key to the user key directory on the server. For example, the default location for joe on Windows Server 2008 would be:

    C:\Users\joe\.ssh2

    NOTE: To create a folder with a name starting with a dot, you need to use the DOS command window.

  6. Using a text editor, create or edit the authorization file for this user. For example, the default file for joe on Windows Server 2003 would be:

    C:\Users\joe\.ssh2\authorization

  7. Add a line to the authorization file that identifies the key you copied to the user key directory (using the format "key" for key entries, followed by the public key name). For example:

    key mykey.pub

    NOTE: Public key authentication is not supported for the local Guest account.