Georgia SoftWorks SSH Server increases security with Digital Certificate Authentication providing an easier setup and more manageable option than plain public keys; defining a new level of security for SAP and ERP mobile device users in Data Collection, Warehousing, Distribution, Logistics and Manufacturing environments.
Digital Certificate Authentication is superior to username/password authentication and significantly simpler to configure and manage than plain public keys while providing additional security benefits such as non-repudiation, protection against ‘man-in-the-middle’ and ‘Denial-of-Service’ attacks.
“Public Key Infrastructure (PKI) security is now easily within reach using the Georgia SoftWorks SSH Server for Windows,” said Brian Butler of Georgia SoftWorks. “Digital Certificates makes practical what previously was not feasible for industries that use Barcode Scanners, Data Collection, RFID and Mobile Devices in SAP and other ERP environments.”
The provisioning and maintenance of plain public keys is so complex and labor intensive that many organizations are not capable or willing to expend the necessary resources for implementation. For example, manual editing of a text based configuration file is required for each user when using plain public keys. With dozens or hundreds of users, the time required to properly maintain the system becomes prohibitive.
Conversely, the GSW SSH Server authenticates users by mapping the client digital certificate to a Windows User account. ‘One-to-one’ and ‘Many-to-one’ mappings are configurable through a Windows IIS like GUI greatly simplifying the provisioning process.
“The complexity of provisioning and managing plain public keys is no longer a barrier to a strong PKI with the GSW SSH Server and its Digital Certificate Authentication,” said Luke Batko, Chief Engineer for GSW. “It immediately becomes practicable to take security to the next level.”
The ‘x509v3-sign-rsa’ and ‘x509v3-sign-dss’ SSH authentication standards use digital certificates and furnishes GSW with the protocol base to address many of the issues with plain public keys.
GSW SSH mobile clients support Single Sign On (SSO) through NTLM over GSSAPI (‘gssapi-with-mic’) and the SSH desktop clients support SSO through NTLM and Kerberos over GSSAPI.
Adding the x509v3 compliance is a natural complement to GSW FIPS 140-2 compliant SSH option.