Public-key authentication is based on the use of digital signatures and provides the best authentication security. To use public-key authentication, you must first create a key pair on the client, and upload the public key to the server. For more information, see User Authentication with Public Keys.

The Connection Broker operates automatically as an authentication agent. It offers an easy method for utilizing digital certificates and smart cards. The authentication forwarding functionality allows the forwarding of public-key authentication over several Secure Shell connections. The Connection Broker is started automatically when you start SSH Tectia Client.