SSH

Using Keys Generated with OpenSSH

Tectia Server supports also user public keys generated with OpenSSH. The OpenSSH keys can be configured the same way as described above for keys generated with Tectia Client.

Alternatively, the OpenSSH-style authorized keys file can be specified in the ssh-server-config.xml file by using the openssh-authorized-keys-file attribute. See auth-publickey. An example configuration is shown below:

<authentication-methods>
  <authentication action="allow">
    <auth-publickey authorization-file="%D/.ssh2/authorization" 
                    openssh-authorized-keys-file="%D/.ssh/authorized_keys" />
    ...
  </authentication>
</authentication-methods>  

Tectia Server checks the file defined in openssh-authorized-keys-file if it cannot find a matching key in the Tectia authorization-file or the authorized-keys-directory. Public keys defined in the Tectia locations have precedence over the keys in the OpenSSH file if the same key is defined in both.