8.2.1 Configure Host Key Checking

Use this procedure to specify how Reflection should behave when connecting to an unknown host.

To configure host key checking

  1. Open the Reflection Secure Shell Settings dialog box.

  2. Click the Host Keys tab.

  3. Click Enforce strict host key checking.

  4. Select one of the following options:



    Ask User (default)

    Display the Host Key Authenticity confirmation dialog box when you connect to an unknown host.


    Enforce strict host key checking — Reflection does not connect if the host is not a trusted host A trusted host is one for which you hold the public key. . Before you can connect, you must add the host key to your list of trusted host keys.


    Prevent enforcement of strict host key checking — Reflection connects without displaying a confirmation dialog box. The host key is not added to the list of trusted keys.


  • Enforce strict host key checking has no effect when the host has been configured to authenticate using X.509 certificates. If a host presents a certificate for host authentication and you do not have the required CA certificate in your Trusted Root store, the connection fails.

  • Changes you make to this setting are saved to the currently specified SSH configuration scheme.

  • Secure Shell settings are saved to the Secure Shell configuration file. You can also configure Secure Shell settings by editing this file manually in any text editor. The keyword used to configure this setting is StrictHostKeyChecking.