The Secure Shell protocol used by the SSH Tectia client/server solution provides mutual authentication – the client authenticates the server and the server authenticates the client user. Both parties are assured of the identity of the other party.

The remote Secure Shell server host can authenticate itself using either traditional public-key authentication or certificate authentication.

Different methods can be used to authenticate Secure Shell client users. These authentication methods can be combined or used separately, depending on the level of functionality and security you want.

Figure 5.1. User authentication methods

User authentication methods used by SSH Tectia Client by default are: public-key, password, keyboard-interactive, and GSSAPI authentication. Public-key and certificate authentication are combined into the public-key authentication method.

For reference information on authentication methods, see technical note SSH Tectia Client/Server User Authentication Methods at http://www.ssh.com/resources/.