Products


All Products
LogMeIn Rescue
Rescue Lens
LogMeIn Central
LogMeIn Pro
LogMeIn Backup
LogMeIn Hamachi
RemotelyAnywhere
BoldChat
join.me
LastPass
Xively

Contact Us

Give us a call Close X
You can reach us at:

US Canada: 1-866-478-1805

Click here for more phone options

Our Support team is available 7:30 PM Sunday to 9 PM Friday (U.S. EST)
Welcome to LogMeIn Support!
Reset Search
Search

Article

SSH: Public-key and Keyboard-interactive Authentication

« Go Back

Information

 
Answer

The public-key authentication method works only with local accounts and domain accounts on domain controllers (there is no distinction between local and domain accounts on domain controllers). This is due to the Windows security subsystem's dependency on the presence of a password: only restricted functionality can be achieved without one, especially when accessing networked or encrypted resources.
 
Additional restrictions in SSH sessions authenticated with a public-key:
  • Account credentials cannot be delegated over the network on the remote machine. For example, network drives and remote services (like remote registry) cannot be accessed without explicitly authenticating on the target machine using a password.
  • Encrypted resources (like files, private keys, etc.) cannot be accessed.
Keyboard-interactive authentication is required only if RSA SecurID is to be used for two-factor authentication, otherwise it falls back to a simple password authentication. If RSA SecurID is used, there can be several challenges after the password part (like PIN code updates, waiting for the next passcode, etc.).
 
Notes:
  • The Manage Keys button only appears on the preferences page if the logged on user could actually use public-key authentication in an SSH session.
  • When using keyboard-interactive authentication, the username must be entered in the format DOMAIN\username.
Product 

Is this article helpful?

 

   



Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255

 

Close X