Set Up Secure Shell (SSH) Connections
Reflection X uses Secure Shell by default for client definitions. To connect using Secure Shell, the computer running your X client must also be running a Secure Shell server. You can use installed sample definitions to get started:
To configure non-default Secure Shell settings:
- Use the Advanced Secure Shell Settings dialog box.
How it works
Reflection X performs the following actions when it establishes a Secure Shell connection.
In the context of the Secure Shell protocol, Reflection Xan X serveracts as a client. The Secure Shell server resides on the same host that's running the X client application. Reflection X runs as a Secure Shell client that must authenticate the Secure Shell server, and must authenticate to this server as a client.
Establish a secure connection
Reflection X negotiates with the Secure Shell server running on the X client host. This negotiation establishes a shared key and cipher to use for session encryption, and a hash to use for data integrity checking.
The host sends identifying information to Reflection X to confirm its identity. By default, Secure Shell servers send the public key of a public/private key pair. Secure Shell servers can also be configured to use X.509 certificates for authentication. If you connect to hosts with this configuration, you can install and configure PKI Services Manager to support certificate validation.
The user sends identifying information to the Secure Shell server to confirm the user's identity. By default, this is done by entering a password or passphrase. You can also configure Reflection X to use public keys or certificates for user authentication.
Forward X11 communications through a secure tunnel
A secure tunnel is established between Reflection X and the X client host. All X11 data is sent securely through this tunnel.