You can configure Secure Shell connections when you need secure, encrypted communications between a trusted host and your PC over an insecure network. Secure Shell connections ensure that both the client user and the host computer are authenticated; and that all data is encrypted. Passwords are never sent over the network in a clear text format as they are when you use Telnet, FTP, or rlogin. You can use this procedure to connect securely to UNIX and Linux hosts.
NOTE:Secure Shell connections are available for VT terminal sessions.
Before you start
By default, Secure Shell connections use public key authentication for the host and username/password authentication for the user. To configure a connection using these defaults, you need to make sure your system has a Secure Shell server or servers and that you know the following information:
The host name.
The User name and password.
The port used by the Secure Shell server (the default is 22).
To configure a secure terminal session using Secure Shell (SSH)
The steps depend on your user interface mode.
User Interface Mode |
Steps |
Ribbon or Reflection Browser |
From the Quick Access Toolbar, click the New Document button. |
TouchUx |
Tap the Folder icon and then under File, select New. |
From the Create New Document dialog box, select the VT Terminal template and click Create.
In the Create New dialog box, under Connection:
Select Secure Shell.
The Port value changes to 22, which is the standard port for Secure Shell connections. If you need to connect to a different port, select Configure additional settings, or use the procedure below to change the default Secure Shell settings.
(Optional) Enter the Host name/IP address. If you omit this, you will be prompted for a host name when you connect.
(Optional) Enter your User name. If you omit this, you will be prompted for a user name when you connect.
Click OK.
The first time you connect, you are prompted to verify the host hey authenticity. Verify the host key fingerprint and select Always.
NOTE:Host authentication (performed with public key authentication) enables the Secure Shell client to reliably confirm the identity of the Secure Shell server. If the host public key is not installed on the client, the host fingerprint is displayed and users are prompted to contact the system administrator to verify the fingerprint. This confirmation prevents risk of a "man-in-the-middle" attack, in which another server poses as the host. After the host key is added to the client, Micro Focus Reflection Desktop can authenticate the server without requiring user confirmation, and the unknown host prompt does not appear again. The key is saved in a file called known_hosts, which is created in the folder %userprofile%\Documents\Micro Focus\Reflection\.ssh.
When prompted, enter your password.
Click the Save button on the Quick Access toolbar and save the session document.
The file is saved in [PersonalFolder]\Micro Focus\Reflection\.
To configure username and password prompts to appear in the terminal window
Open a session that you have configured to use Secure Shell. Disconnect if you are connected.
The steps depend on your user interface mode.
User Interface Mode |
Steps |
Ribbon or Reflection Browser |
With a session open in Reflection, from the Quick Access Toolbar, click . |
TouchUx |
Tap the Gear icon and then select Document Settings. |
Under Host Connection, click Configure Connection Settings.
Under Connection Options, select Handle SSH user authentication in terminal window.
To configure non-default Secure Shell settings
Open a session that you have configured to use Secure Shell. Disconnect if you are connected.
The steps depend on your user interface mode.
User Interface Mode |
Steps |
Ribbon or Reflection Browser |
With a session open in Reflection, from the Quick Access Toolbar, click . |
TouchUx |
Tap the Gear icon and then select Document Settings. |
Under Host Connection, click Set up Connection Security.
In the Reflection Secure Shell Settings dialog box, configure any non-default settings and then click OK.
NOTE:
When you click OK, changes to the default settings are saved in the Secure Shell configfile in [PersonalFolder]\Micro Focus\Reflection\.ssh
If you want to deploy the session to all users of a computer, first rename the config file to ssh_config and the known_hosts file to ssh_known_hosts.