Host-based authentication uses the public host key of the client machine to authenticate a user to the remote server. Host-based authentication can be used with Tectia ConnectSecure on Unix. The remote Secure Shell server can be either a Unix, Windows, or z/OS server.

Setting up host-based authentication usually requires administrator (root) privileges on the server. The setup is explained in the Tectia Server Administrator Manual.

	Note
	On AIX, for host-based authentication to work in FIPS mode, an administrator must copy the libcrypto.a file (or a symlink to it) to /usr/lib/ or /lib/. This is required because on AIX, when a binary has the setuid (set user ID upon execution) access right flag, the linker is able to load libraries only from these two directories.