PRODUCTS > VSHELL > AUTHENTICATION
 Send us a question or comment

Advanced Authentication Options

VShell® supports a growing number of advanced authentication options so that you can move your organization beyond simple password authentication to better support your security policies.

Public-Key Authentication

Public-Key and PKI Digital Certificate Authentication: Using public-key authentication in a small-scale environment is useful in eliminating embedded passwords in automated scripts and bolstering password schemes (which are subject to dictionary attacks). However, from a system administrator's viewpoint, managing one or more public keys for each user on every machine across a large network may not scale well. VShell server has several options that will make it possible to implement and enforce trusted authentication policies for either the smaller network or the larger enterprise-wide PKI. For the enterprise, VShell now supports the use of X.509 v3 digital certificates on Windows and UNIX platforms. On the smaller or isolated sub-network, the Public Key Assistant feature in VanDyke Software client applications (SecureCRT® and SecureFX® ) makes transferring public keys to the VShell server a simple, secure, one-click operation for end users.

Kerberos via GSSAPI

VShell 2.6 includes plug-in support for Kerberos via a built-in GSSAPI implementation. While patches for adding Kerberos support to open source Secure Shell implementations exist, VShell eliminates the need to download and recompile from source code every time a change is made to either the Secure Shell server or the patch. Starting with version 2.3, VShell implements Kerberos authentication as specified in the IETF draft (draft-ietf-secsh-gsskeyex). VShell is the first Secure Shell server to offer built-in support for user and host authentication using Kerberos via GSSAPI.

Keyboard Interactive with PAM

VShell server for UNIX 2.6 supports the Keyboard Interactive standard. Keyboard interactive allows you to customize authentication using PAM plugins. PAM plugins can, for example, enable password expiration enforcement policies or the use of SecurID cards.

RADIUS servers

VShell for Windows 2.6 allows authentication to RADIUS servers using SecurID or other methods. RADIUS support is implemented through keyboard-interactive authentication.
 
Four Fast Ways to Learn More...
1.  Read more about
VShell Secure Shell server. 		2.  Learn how VShell will benefit your organization. 3.  Explore VShell technical information. 4.  Download a fully-functional evaluation copy now.