In addition to the Tectia Connections Configuration GUI available on Linux, you can use the command line tools for creating and uploading keys.
To create a public key pair, run ssh-keygen-g3 on the command line on Tectia Client:
Client$ ssh-keygen-g3 Generating 3072-bit rsa key pair 15 o.oOo.oOOo.o Key generated. 3072-bit rsa, ClientUser@Client, Mon Aug 15 2022 12:08:07 +0200 Passphrase : Again : Private key saved to /home/ClientUser/.ssh2/id_rsa_3072_a Public key saved to /home/ClientUser/.ssh2/id_rsa_3072_a.pub
ssh-keygen-g3 asks for a passphrase for the new key. Enter a sufficiently long (20 characters or so) sequence of any characters (spaces are OK).
The new authentication key pair consists of two separate files. One of the keys is your private key which must never be made available to anyone but yourself. The private key can only be used together with the passphrase.
The key pair is by default stored in your $HOME/.ssh2
directory
(created by ssh-keygen-g3 if it does not exist previously).
In the example above, the private key file is id_rsa_3072_a
. The
other file id_rsa_3072_a.pub
is your public key, which can be
distributed to other computers.
By default, ssh-keygen-g3 creates a 3072-bit RSA key pair. DSA, ECDSA
or Ed25519 keys can be generated by specifying the -t
option with
ssh-keygen-g3. Key length can be specified with the -b
option. For automated jobs, the key can be generated without a passphrase with the
-P
option:
$ ssh-keygen-g3 -t ecdsa -b 384 -P
To enable public-key authentication with your key pair:
Check that your keys are stored in the default location: the
$HOME/.ssh2
directory.
Connect to Server
using your password.
Use the Secure Shell file copy client scpg3 to upload your
public key to the server, to your default authorized_keys
directory, the $HOME/.ssh2/authorized_keys
directory:
$ scpg3 id_rsa_3072_a.pub ServerUser@Server:.ssh2/authorized_keys/
The server will then use the uploaded public key to authenticate you when you log in after this.