HP-UX Secure Shell Getting Started Guide HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 (5900-3142, June 2013)

3 HP-UX Secure Shell Authentication Methods
This chapter describes the authentication methods supported by HP-UX Secure Shell.
This chapter addresses the following topics:
“Overview” (page 24)
“Password Authentication” (page 25)
“Public-Key Authentication” (page 27)
“Kerberos Authentication” (page 28)
“Keyboard-Interactive Authentication” (page 30)
“Host-Based Authentication” (page 30)
Overview
Authentication is a means of verifying the identity of a server or client using certain parameters
such as user name, password, and passphrase.
Every HP-UX Secure Shell connection includes server authentication, where the server verifies the
identity of the user requesting access, and client authentication, where the client verifies the identity
of the server.
Server authentication ensures that the HP-UX Secure Shell server is genuine and not an imposter.
Server authentication also guards against a hacker redirecting your network connection to a
different system.
A server authenticates itself to the client using the public-key authentication method. The server
requires the passphrase from the client in order to establish a successful connection.
When a client attempts to connect to a server, the client selects an authentication method and
either presents the appropriate credentials as part of the connection request, or responds to a
prompt sent back by the server. All authentication methods work this way.
HP-UX Secure Shell supports the following authentication methods:
“Password Authentication” (page 25)
“Public-Key Authentication” (page 27)
“Kerberos Authentication” (page 28)
“Keyboard-Interactive Authentication” (page 30)
“Host-Based Authentication” (page 30)
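The following is an added example, not part of the HP guide: a shell check that reports which of the five methods listed above a server configuration file turns on or off. The keyword names are OpenSSH sshd_config directives; that HP-UX Secure Shell reads the same keywords is an assumption, and the sample configuration is constructed.

```sh
#!/bin/sh
# Added example, not from the HP guide. Keyword names are OpenSSH sshd_config
# directives; that HP-UX Secure Shell uses the same names is an assumption.

# auth_setting FILE KEYWORD: print the global value of KEYWORD, or "unset".
auth_setting() {
    awk -v key="$2" '
        BEGIN { key = tolower(key); val = "unset" }
        { sub(/#.*/, ""); sub(/=/, " ") }        # strip comments, allow key=value
        tolower($1) == "match" { exit }          # Match blocks are conditional, skip
        tolower($1) == key && val == "unset" { val = tolower($2) }  # first value wins
        END { print val }
    ' "$1"
}

# report_auth_methods FILE: one line per method named in the chapter.
report_auth_methods() {
    for pair in \
        "Password:PasswordAuthentication" \
        "Public-Key:PubkeyAuthentication" \
        "Kerberos:KerberosAuthentication" \
        "Keyboard-Interactive:ChallengeResponseAuthentication" \
        "Host-Based:HostbasedAuthentication"
    do
        printf '%-21s %s\n' "${pair%%:*}" "$(auth_setting "$1" "${pair#*:}")"
    done
}

# write_sample_config FILE: constructed sample input, not a real server's file.
write_sample_config() {
    cat > "$1" <<'EOF'
# constructed sample
PasswordAuthentication no
PubkeyAuthentication yes
passwordauthentication yes
#KerberosAuthentication yes
HostbasedAuthentication=no
Match User backup
    PasswordAuthentication yes
EOF
}

sample=$(mktemp)
write_sample_config "$sample"
report_auth_methods "$sample"
rm -f "$sample"
```

A result of "unset" means the keyword does not appear in the global section of the file, so the server's built-in default applies.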
Table 9 describes the advantages and disadvantages of the authentication methods supported by
HP-UX Secure Shell.
Table 9 Advantages and Disadvantages of HP-UX Secure Shell Authentication Methods
Authentication Method: Password
Advantages: Requires little or no setup. Convenient for users who travel a lot and do not like to carry private keys.
Disadvantages: Users must type passwords every time they connect to the server. Less secure because the password is transmitted from the client to the server over the network in clear text. The password is protected from snooping while on the network; however, it