8.2.2 Configure the Preferred Host Key Type

Use Prefer ssh keys over certificates to specify the order of preference for host key algorithms. This setting is useful when the server is configured for both certificate and standard host key authentication. SSH protocol allows only one attempt to authenticate the host. If the host presents a certificate, and the client is not configured for host authentication using certificates, the connection fails. (This is different from user authentication, in which multiple authentication attempts are supported.)

To configure the preferred host key type (standard SSH keys or certificates)

  1. Open the Reflection Secure Shell Settings dialog box.

  2. Click the Host Keys tab.

  3. To have the host use standard host keys for authentication, select Prefer ssh keys over certificates.


    To use certificates for authentication, clear Prefer ssh keys over certificates.


    • Changes you make to this setting are saved to the currently specified SSH configuration scheme.

    • Secure Shell settings are saved to the Secure Shell configuration file. You can also configure Secure Shell settings by editing this file manually in any text editor. The keyword used to configure this setting is HostKeyAlgorithms.