Your Secure Shell client will need to be configured to present a certificate for user authentication. The basic steps are outlined here. Details for configuring the Reflection for Secure IT Client for Windows are included in parentheses. For other clients, refer to the client documentation.
To configure the Secure Shell client
Install the user certificate and associated private key on the client computer or configure the system to present certificates using smart cards or USB tokens.
(For connections from the Reflection for Secure IT Client for Windows, you can import certificates using PKCS#12 files (typically *.pfx or *.p12) that contain a certificate and its associated private key. You can import these to either the Windows certificate store or the Reflection certificate store. Access to both stores is available from the dialog box from the tab. To set up connections using smart cards or tokens, from the tab, open the and use the tab.)
Configure the client to authenticate using a certificate.
(In the Reflection for Secure IT Client for Windows, open
dialog box, and select the tab. Certificates you have imported into the Windows and Reflection stores are automatically included in the list of available keys. Select the certificate(s) you want to use for authentication. If you have configured use of a smart card or token, Reflection automatically uses any certificates or keys on the device for user authentication.)Confirm that the client supports public key authentication.
(All Reflection Secure Shell clients support public key authentication by default. To confirm authentication settings from the
dialog box, go to the tab.)