Reflection for Secure IT Client for Windows PKI Tab (Secure Shell Settings)
Total Page:16
File Type:pdf, Size:1020Kb
User's Guide Reflection for Secure IT Version 7.2 Copyrights and Notices © 2016 Attachmate Corporation, a Micro Focus company. All rights reserved. No part of the documentation materials accompanying this Attachmate software product may be reproduced, transmitted, transcribed, or translated into any language, in any form by any means, without the written permission of Attachmate Corporation. Attachmate, the Attachmate logo, and Reflection are registered trademarks of Attachmate Corporation in the USA. All other trademarks, trade names, or company names referenced in this product are used for identification only and are the property of their respective owners. 1 Introduction 7 2Installation 9 Install Your Attachmate Product on a Workstation . 9 Features Selection Tab . 10 Upgrading from Previous Versions. 10 3 Getting Started 11 Start a New Terminal Session . 11 Display the Configuration Toolbar . 11 Transfer Files Using the FTP Client . 12 Understanding Secure Shell. 13 4 Configuration 15 Settings Files . 15 Secure Shell Client Configuration Files . 15 5 Encryption 17 Supported Cryptographic Algorithms . 17 Federal Information Processing Standard (FIPS). 18 6 Authentication 21 Server Authentication using Public Keys . 21 Server Authentication using Certificates . 22 Client Authentication Methods . 23 Connection Reuse in Secure Shell Sessions. 24 7 Public Key Authentication 27 Managing User Keys . 27 Configure Public Key Authentication . 27 Add Keys to Your User Keys List . 28 Upload Client Public Keys to the Server . 29 Change a User Key Passphrase . 29 Export a User Key . .30 Managing Host Keys . 30 Configure Host Key Checking . 30 Configure the Preferred Host Key Type. 31 The Known Hosts File . 32 Host Key Authenticity Dialog Box . 32 8 Certificate Authentication (PKI) 33 PKI and Certificates . 33 Digital Certificate Stores. 34 Configure Client Authentication using Certificates . 34 Configure Server Authentication using Certificates . 35 Enabling and Disabling Use of the Windows Certificate Store. 35 Configuring Certificate Revocation Checking. .36 Distributing Intermediate Certificates using an LDAP Directory. 37 Contents 3 Reflection Certificate Manager. 37 Open the Reflection Certificate Manager. 38 Personal Tab (Reflection Certificate Manager) . 38 Trusted Certification Authorities Tab (Reflection Certificate Manager) . 38 LDAP Tab (Reflection Certificate Manager). 40 Configuring the LDAP Server for CRL Checking . 41 OCSP Tab (Reflection Certificate Manager) . 41 PKCS#11 Tab (Reflection Certificate Manager). 42 PKCS#11 Provider Dialog Box. 42 9 GSSAPI (Kerberos) Authentication for Secure Shell Sessions 43 Use Reflection Kerberos for GSSAPI Authentication. 43 Kerberos Ticket Forwarding in Secure Shell Sessions . 43 Specifying the Service Principals for GSSAPI Secure Shell Sessions. 44 10 Port Forwarding 45 Local Port Forwarding . 46 Remote Port Forwarding . 48 Forward TCP communications. 49 Forward FTP communications . 50 Configure Multi-hop Secure Shell Sessions. .51 11 Troubleshooting 53 Troubleshooting Secure Shell Connections . 53 Use the Secure Shell Log File . 54 Troubleshooting Reflection Help . 55 12 Customizing and Deploying Installations 57 Administrative Installations. 57 Installing. 57 Planning Your Installation and Deployment . 57 Create an Administrative Installation Point . 58 Install from the Command Line . 59 Installation Logging . 60 Customizing Your Installation . 60 Open the Attachmate Customization Tool . 60 Set up a shortcut to ACT . 61 Creating and Editing Companion Installer Packages. 61 Creating and Editing Transforms . 66 Group Policy Support in Reflection . 69 13 Secure Shell Settings User Interface 71 Reflection Secure Shell Settings Dialog Box . .71 General Tab (Secure Shell Settings) . 71 Proxy Tab (Secure Shell Settings) . ..