Top SecretTop Secret - LDAPWEB ADMINISTRATOR FOR TOP SECRET
Issue/Introduction
Can Top Secret generated certificates be used to signon a user via SSH?
Environment
Release : 16.0
Component : CA Top Secret for z/OS
Resolution
Yes a Top Secret generated certificate can be used to signon as long as the version of SSH and the platform they are SSHing into supports signons with digital certificates.
The certificate is basically their password logon into a system and it should not be shared for accountability purposes.
Since the certificate similar to a password, the certificate should also be expired based on a sites password expiration security standards.