previous
next
User certificate authentication (a variation of public key authentication) is an optional feature of the Secure Shell protocol. Both X Manager and the Secure Shell server need to be configured to support this.
You can configure Reflection X Advantage to authenticate using any of the following:
Certificates you have imported into the Reflection X Advantage database.
Personal certificates in the Windows Certificate Store.
Certificates stored on PKCS#11 PKCS (Public Key Cryptography Standards) is a set of standards devised and published by RSA laboratories that enable compatibility among public key cryptography implementations. Different PKCS standards identify specifications for particular cryptographic uses. Reflection X Advantage uses the following PKCS standards: PKCS#5 is used to provide password-based encryption for private keys stored in the Reflection X Advantage database. PKCS#11 provides support for authentication using hardware devices, such as smart cards or USB tokens. PKCS#12 is used for storage and transportation of certificates and associated private keys. Files in this format typically use a *.pfx or *.p12 extension. -compliant hardware devices such as smart cards or USB tokens.
The procedures in this section describe how to configure Reflection X Advantage for each of these certificate stores. After you complete the procedure, you can connect to hosts that have been configured to support certificate authentication.
NOTE:
To help ensure security, you should always specify a passphrase when you use certificates for user authentication. You will need to enter the passphrase each time you connect to the host.
If you have multiple certificates configured, the first time you connect to a host you may be prompted to select a certificate from a list of available certificates. After your first successful connection, Reflection X Advantage will automatically attempt subsequent connections using the same certificate.