I have created a successful profile under my Login ID using Tectia client 220.127.116.11, and this is working well.
I have copied the file “ssh-broker-config.xml” to folder C:\Program Files\SSH Communications Security\SSH Tectia\SSH Tectia Broker\ssh-broker-config.xml – with this, other users don’t have to register under them.
But when other users log in with their login details and try to connect via Tectia client, they still get the dialog box to register the public key.
This happens for users or services who don’t log in to the server but will execute the batch via an application.
**How can other users still send the files with creating the key?
Can there be a global public key for the whole machine?**
Please let me know what extra needs to be done to get this going.
Thanks in advance,
asked Oct 25 '10 at 07:05
Alternatively, you can also save the server hostkey in the system-wide location, which would make them available for all users on that host and not require prompting to accept it.
Note that they need to be saved in non-hashed form by using, for example, ssh-keyfetch.
On Windows, the system-wide host key files are by default located in:
On pre-Vista Windows:
On Windows Vista and later Windows versions:
answered Oct 25 '10 at 08:23
To be accurate, the users are not actually creating a key here, they are being prompted to verify the server's identity and either accept or decline it.
In recent enough versions (6.1.4 or newer) of Tectia Client this can be configured to a more sensible setting for batch processing by setting the Host Key Policy to "Trust on First Use". This allows the key to be automatically saved on first use, and the user will get a prompt only if the server identity has changed from what it was before.
For example, this is how to configure it in the broker configuration:
For more information see the in the Tectia Broker configuration under auth-server-publickey.
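
The sketch below is an added example, not part of either answer and not Tectia's own code. It models the host key decision the two answers describe: a system-wide store that is consulted for every user, and a trust-on-first-use policy that saves an unknown key but never silently accepts a changed one. The class, the policy labels ("strict", "ask", "tofu") and the sample keys are hypothetical and constructed for illustration.

```python
import base64
import hashlib

# Constructed sample host key blobs (not real keys).
KEY_A = b"constructed-host-key-A"
KEY_B = b"constructed-host-key-B"


def fingerprint(pubkey_blob: bytes) -> str:
    """SHA-256 fingerprint of a raw host public key blob."""
    digest = hashlib.sha256(pubkey_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


class HostKeyStore:
    """Hypothetical model: machine-wide store shared by all users, plus one user's own store."""

    def __init__(self, system_wide=None):
        self.system_wide = dict(system_wide or {})  # {(host, port): fingerprint}
        self.per_user = {}

    def check(self, host, port, pubkey_blob, policy="tofu", interactive=False):
        """Return 'accepted', 'saved', 'prompt' or 'rejected' for a presented host key."""
        key_id = (host.lower(), port)
        presented = fingerprint(pubkey_blob)
        known = self.system_wide.get(key_id) or self.per_user.get(key_id)
        if known is not None:
            if known == presented:
                return "accepted"  # identity matches: no dialog for anyone
            # Server identity changed: never auto-accept, whatever the policy.
            if interactive and policy != "strict":
                return "prompt"
            return "rejected"
        # Unknown host from here on.
        if policy == "tofu":
            self.per_user[key_id] = presented  # save on first use
            return "saved"
        if policy == "ask" and interactive:
            return "prompt"
        # A batch job or service has nobody to answer a dialog, so it fails.
        return "rejected"


def demo():
    """Run the scenarios from the thread and return the outcomes in order."""
    store = HostKeyStore({("sftp.example.test", 22): fingerprint(KEY_A)})
    return [
        store.check("sftp.example.test", 22, KEY_A, policy="strict"),  # system-wide key
        store.check("new.example.test", 22, KEY_A, policy="ask"),      # batch, unknown host
        store.check("new.example.test", 22, KEY_A, policy="tofu"),     # first use
        store.check("new.example.test", 22, KEY_A, policy="tofu"),     # second use
        store.check("new.example.test", 22, KEY_B, policy="tofu"),     # key changed, batch
    ]
```
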