Thread: How do I run OpenSSH?
danramos
2008-08-20 , 00:00
Posts: 4,672 | Thanked: 5,455 times | Joined on Jul 2008 @ Springfield, MA, USA
#14
As far as I know, it's not really set up to handle multiple users aside from 'root' and 'user', and I'm not sure I can see the point since all the interface and.. pretty much everything, assumes you're doing things as 'user'.. so even SD cards are owned by 'user', for example.
When you say 'certificates', do you mean ssh keys? (I always had it in my mind that a certificate was something set up on a third party server to act as a third vector in an authentication scheme.. maybe I didn't have that terminology right? Can anyone verify the usage of the term for me?)
As far as ssh keys go, it's technically more secure than using only password authentication over ssh, as I recall. This is pretty easy to do but there are a lot of steps if you're new to it. Since I've done it routinely, in my mind it's as easy as 1) generate key pair 2) connect to the remote side 3) append my public key into the .ssh/authorized_keys file
Here are the details of how to do it, for the inexperienced in ssh keypairs:
On the side that is going to ssh out to the tablet, I'm assuming you have some kind of ssh command line client like OpenSSH, run the command:
ssh-keygen -t rsa
...to create an RSA style pair of key files (there's also dsa but RSA has more bits involved and so is more secure).
It will ask you for a filename to save the rsa key as. You can just hit enter to accept the standard default location and filename (usually your .ssh hidden directory). Take note of the path and name of the key, though. You will need it soon.
Then it will ask you to enter an optional password... you can enter one if you want that extra notch of security but it's not necessary nor much better. You can just hit ENTER twice to leave it empty.
Once that's completed, go to the path of your key and you should see a pair of keys (one is the key you generated--called a private key, the other is one that you can drop into remote systems you want to log into--called a public key).
NOTE: If you open the public key in a text editor, you should see a bunch of readable text along with a big block of garbled text in the middle. If you see this, you're on the right path!
Now, assuming your tablet has the IP address of 192.168.0.5 on your network and your public key file is named id_rsa.pub, from here you can just paste or type in this line (I'll explain what it does in a moment):
cat id_rsa.pub | ssh user@192.168.0.5 'cd /home/user; mkdir .ssh; chmod 700 .ssh;cd .ssh; cat >> authorized_keys; chmod 600 authorized_keys'
What I do here is first print the contents of the public key out--but not to the screen, the | symbol is a pipe which means I'm passing the stream of text to the next command--which is ssh. ssh remotely connects to the tablet and goes on to run the commands between the quotes. I tell the tablet side to go to the user's home as the working path ('cd /home/user', I preferred not to assume I'm already in the home). Then create a .ssh directory (if it already exists, it'll error--which is fine). Then set permissions correctly so SSH will work with the .ssh path (read and write ONLY for the 'user' account). Then I go into .ssh and I append (that's the >>) whatever is being piped to ssh (the public key) onto the end of an authorized_keys file (if the file doesn't already exist, it'll be created). Lastly, I set correct permissions on that file as well. Once that's all done, ssh will just end the session.
Now, you should be able to just 'ssh user@192.168.0.5' to get into your tablet and magically get a shell without being asked for your password.
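An added example, not part of danramos's post: the key-install step from the one-liner above written as a script for the tablet side, so that re-running it does not append the key twice, a private key file is refused, and the 700/600 modes can be checked afterwards. The function names `install_pubkey` and `check_ssh_perms` are hypothetical, and the key in the demo is a constructed placeholder, not a real key.

```shell
#!/bin/sh
# Added example (not from the original post). Helper names are hypothetical.

# install_pubkey PUBKEY_FILE HOME_DIR
# Exit status: 0 installed or already present, 1 bad arguments,
# 2 file is not a one-line OpenSSH public key.
# The body is a subshell so umask and variables do not leak to the caller.
install_pubkey() (
    pub=$1 home=$2
    [ -r "$pub" ] && [ -d "$home" ] || exit 1
    # Private key files carry a "PRIVATE KEY" PEM header: never install those.
    if grep -q 'PRIVATE KEY' "$pub"; then exit 2; fi
    key=$(head -n 1 "$pub")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *|ssh-dss\ *) ;;
        *) exit 2 ;;
    esac
    umask 077                       # new files start private to the owner
    mkdir -p "$home/.ssh" || exit 1 # -p: no error if .ssh already exists
    chmod 700 "$home/.ssh"
    auth=$home/.ssh/authorized_keys
    touch "$auth"
    # Append only when this exact line is not already in the file.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
    chmod 600 "$auth"
)

# check_ssh_perms HOME_DIR
# Returns 0 only if .ssh is mode 700 and authorized_keys is mode 600,
# the modes the post sets with chmod.
check_ssh_perms() {
    d=$(ls -ld "$1/.ssh" 2>/dev/null | cut -c1-10)
    f=$(ls -l "$1/.ssh/authorized_keys" 2>/dev/null | cut -c1-10)
    [ "$d" = "drwx------" ] && [ "$f" = "-rw-------" ]
}

# Demo in a scratch directory with a constructed (fake) public key line.
demo=$(mktemp -d) && mkdir "$demo/home"
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTED demo@example' > "$demo/id_rsa.pub"
install_pubkey "$demo/id_rsa.pub" "$demo/home" && check_ssh_perms "$demo/home" \
    && echo "key installed, permissions ok"
rm -rf "$demo"
```

On the tablet this would be called as `install_pubkey id_rsa.pub /home/user` after copying the public key file over.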