OpenSSH provides password-less (by means of GSSAPI), secure, encrypted remote login and file transfer services.
The Quest OpenSSH Configuration policy allows you to manage the OpenSSH server configuration file (sshd.conf) by means of Group Policy. Settings are divided into two sections. The first section contains general SSH server settings. The second section contains settings that are specific to or important for the Quest OpenSSH distribution.
For more detail on specific settings, refer to the sshd-config.conf man page.
You can maintain and distribute license files through Safeguard Authentication Services Group Policy using the Licensing Policy. This policy is retained for backward compatibility. Alternatively, in Safeguard Authentication Services 5.0.1 and above, you can use the Safeguard Authentication Services Control Center to manage licenses.
The Safeguard Authentication Services Licensing policy allows you to specify a set of license files. The next time the Group Policy agent does a policy refresh, Group Policy distributes the license files to the Unix system and performs any additional actions that may be necessary to load the license file information.
Safeguard Authentication Services Licensing entries are append only and cannot be overridden. However, if there is more than one license file with the same serial number, the file is only installed once.
To add an Safeguard Authentication Services license file
- Start Group Policy Editor.
- Select Unix Settings | Authentication Services | Client Configuration in the scope view.
The Licensing Properties dialog opens.
- Click Browse.
- Navigate to the license file.
- Select the license file and click OK.
- Click OK to save settings and close the Licensing Properties dialog.
Defender Settings policy provides one-time password authentication. Install Defender on Unix or Linux to use two-factor authentication to secure critical resources. In order to access a host running Defender, you must enter a one-time password in addition to the account password.
Configure the Defender Settings policy to enable PAM authentication. The Group Policy agent on Unix configures Defender based on the existing Defender access nodes in Active Directory. This allows you to configure which users to prompt for a one-time password as well as which Defender server the agents can communicate with. For more information on configuring Defender access nodes, refer to the One Identity Defender documentation.