SSH2
The SSH2 category of the Global Options dialog allows you to configure your SSH2 public-key and agent settings.
See Public-Key Authentication for SSH2 for details on setting up public-key authentication on both the local machines and the SSH2 server.
Public key group
Use identity or certificate file
Selecting this option instructs SecureCRT to use the
identity file or PKCS
#12 file stored on the local system as your method of authentication .
To use an existing file, enter the full path to the file or click on the
browse button to open a file browser to
locate the file. For more information on configuring your system to use
identity files, see Public-Key Authentication
for SSH2.
Advanced group
Add keys to agent
Check this option to enable the SSH2 agent. Agents are programs that work in the background gathering information or performing small processing tasks. In SecureCRT, the implemented agent temporarily holds private keys for use with public-key authentication to multiple remote hosts. For more information on agents, see Using the Agent.
Enable OpenSSH agent forwarding
Check this option to use the agent to connect to a remote machine through another remote machine (see Using the Agent). This option can be overridden on a per-session basis from the Session Options/Connection/SSH2/Advanced category.
Enable deprecated GSSAPI
Check this option to have SecureCRT first attempt to connect using GSSAPI with MIC and then, if that is not successful, try regular GSSAPI. If this box is not checked, SecureCRT will only try to connect using GSSAPI with MIC.
Note: When using Kerberos host and user authentication via GSSAPI, the connection could be vulnerable to a man-in-the-middle attack. Using GSSAPI with MIC eliminates this risk. Although the GSSAPI method has been deprecated, GSSAPI with MIC is not yet widely supported. SecureCRT allows you to attempt to connect using GSSAPI with MIC if it is available on the server.
Cache session password
When this option is set, passwords will be cached while SecureCRT is running so that when re-connecting to that session or connecting in one of the other applications, the password does not have to be re-entered.