Identity consolidation and privileged access management across Windows, Linux, and UNIX serversEnterprise Edition
Detailed auditing of privileged user sessions on Windows, Linux and UNIX systemsPlatinum Edition
Dynamically segment and isolate cross-platform systemsApplication Edition
Secure, centralized single sign-on to on-premise business applications
Single sign-on and unified management for cloud and mobile apps and devicesMac Edition
Centralized security and management for Macs and mobile devicesPremium Edition
SaaS and Mac Editions combined with mobile security managementCentrify for Samsung KNOX
Enterprise management of SSO, MCM and MDM for Samsung KNOX
SSH has become the de facto standard for administrators and users to securely access remote UNIX systems. The combination of the latest versions of OpenSSH supporting Kerberized connections, along with DirectControl's ability to directly integrate UNIX and Linux computers with Active Directory's Kerberos infrastructure, provides system administrators with the ideal environment for secured single sign-on. They can log in from Windows using their Active Directory credentials and then automatically and yet securely access remote UNIX or Linux computers.
You can download the Centrify-enabled version of OpenSSH along with Centrify Express, our free Active Directory-based solution for authentication and single sign-on to cross-platform systems.
While many UNIX systems may have an sshd server installed, most will be older implementations of the sshd server that do not support Kerberos. Centrify provides a compiled version of the latest OpenSSH distribution to make it easier for you to install and use SSH with DirectControl for secured authentication via Kerberos to Active Directory.
Centrify has compiled the standard OpenSSH distribution unmodified, but in the compile process we linked OpenSSH with the DirectControl Kerberos libraries to ensure that single sign-on works seamlessly as expected in an Active Directory environment. This provides several advantages, including:
Another advantage of Centrify-enabled OpenSSH is that it provides you a consistent and more up-to-date version of OpenSSH across your heterogeneous systems that are invariably running different versions of OpenSSH, including versions that may not have the latest security enhancements. For example, say you are running a mixed environment of Ubuntu 10.04, SUSE 11.2 and Fedora 13. That means you are running OpenSSH versions 5.3p1, 5.2p1 and 5.4p1 respectively. Centrify allows you to have a consistent and more up-to-date versions across your heterogeneous environment, that is also being continuously updated and fully supported by Centrify, which is another advantage.
That being said, Centrify provides Centrify-enabled OpenSSH as a convenience to you, but if you want to use the SSH provided by the OS vendor, or use a commercial SSH vendor, Centrify supports that too (and has fully tested our solution in all of these scenarios). Using our supplied OpenSSH is simply an installation choice, and not a requirement. The bottom line is Centrify gives you choice - use the Centrify-enabled OpenSSH with the advantages noted above, the "stock" OpenSSH, or a commercial SSH solution - and Centrify works well with the choice you want. For example, here's a how to video on how to use Centrify Express with stock SSH. Centrify has found that most IT organizations prefer consistency across all their platforms, hence the value of getting an OpenSSH or Samba distribution from a single vendor who supports multiple platforms. In the case of OpenSSH from Centrify, this guarantees support for GSS Key Exchange on all platforms in order to establish trust between hosts, a feature which is not part of the standard OpenSSH distribution. But in the end it is your choice, and choice is good.
Centrify-Enabled OpenSSH Supported Operating SystemsShow More Detail Supported Recent Addition Early Access
Centrify-Enabled OpenSSH Supported Operating SystemsShow Less Detail Supported Recent Addition Early Access