In addition to the Tectia Connections Configuration GUI available on Linux, you can use the command line tools for creating and uploading keys.
To create a public key pair, run ssh-keygen-g3 on the command line on Tectia Client:
Client$ ssh-keygen-g3 Generating 2048-bit rsa key pair 15 o.oOo.oOOo.o Key generated. 2048-bit rsa, ClientUser@Client, Wed Feb 2 2016 12:09:46 +0200 Passphrase : Again : Private key saved to /home/ClientUser/.ssh2/id_rsa_2048_a Public key saved to /home/ClientUser/.ssh2/id_rsa_2048_a.pub
ssh-keygen-g3 asks for a passphrase for the new key. Enter a sufficiently long (20 characters or so) sequence of any characters (spaces are OK).
The new authentication key pair consists of two separate files. One of the keys is your private key which must never be made available to anyone but yourself. The private key can only be used together with the passphrase.
The key pair is by default stored in your
$HOME/.ssh2
directory (created by ssh-keygen-g3
if it does not exist previously).
In the example above, the private key file is id_rsa_2048_a
.
The other file id_rsa_2048_a.pub
is your public key, which
can be distributed to other computers.
By default, ssh-keygen-g3 creates a 2048-bit RSA key
pair. DSA or ECDSA keys can be generated by specifying the -t
option
with ssh-keygen-g3. Key length can be specified with the
-b
option. For automated jobs, the key can be generated without
a passphrase with the -P
option:
$ ssh-keygen-g3 -t ecdsa -b 384 -P
To enable public-key authentication with your key pair:
Check that your keys are stored in the default location:
the $HOME/.ssh2
directory.
Connect to Server
using your password.
Use the Secure Shell file copy client scpg3
to upload your public key to the server, to your default
authorized_keys
directory, the
$HOME/.ssh2/authorized_keys
directory:
$ scpg3 id_rsa_2048_a.pub ServerUser@Server:.ssh2/authorized_keys/
The server will then use the uploaded public key to authenticate you when you log in after this.