Accessing SSH Hosts using SecureCRT
SecureCRT has support for using X.509 certificates. (read)
SecureCRT users have reported having trouble getting SSH certificates to work on Windows 10/11. The following instructions are confirmed for MacOS.
First, set up a client desktop for Smallstep in accordance with our client quickstart guide. Be sure to run
step ssh loginto make sure you have renewed certificates.Next, perform the following configuration in SecureCRT for each host you wish to connect to.
Create a new Session in Session Manager and edit the properties as follows
Hostname (IP or hostname)
Username (the Smallstep user you'd be logging in as)
Authentication Configuration
Uncheck all Authentication options except for PublicKey
Highlight PublicKey and click the gear icon to configure its properties for certificates
Navigate to the identity_key file found in the end-user's home directory under the hidden USER_HOME_DIR/.step/identity/ directory.
Make sure no other properties are checked as shown below and click OK to save your changes.
SSH2 Configuration for host key algorithms
Under the SSH2 --> Host Key session options, be sure to enable the algorithm labeled as,
ecdsa-sha2-nistp256
Save your changes and attempt to connect to the server from the session manager.