Create Identity Files with OpenSSH


Public-key authentication uses a public-private key pair to log on to an SSH2 server. Setting up public-key authentication for an SSH2 OpenSSH session is a multi-step process. Two identity files must be created using OpenSSH: one containing a private key and the other containing the corresponding public key. The public key must also be transferred to the proper location on the VShell server.

To generate and use a public key, there are several tasks that you must perform:

1.   Create identity files.

2.   Configure the VShell server to recognize your identity file.

3.   Connect using OpenSSH.

The following sections will help you through these tasks.

Creating Identity Files

To create identity files using OpenSSH, perform the following steps:

1.   From the OpenSSH command line, start the OpenSSH key generator using the following command:

ssh-keygen -t <algorithm>

The algorithm can be either dsa or rsa.

2.   Follow the displayed instructions to create your identity files. The public-key file will have the same name as the private-key file, but with an extension of .pub. By default, OpenSSH names its identity files either "id_dsa" or "id_rsa", depending on the algorithm you chose. These names can be changed if desired. Once your public-private key pair has been generated, be sure to save the files in a secure location such that you are the only individual with access to them.

Note: To find an acceptable public key match, the VShell server for Windows will look at all files in the Publickey directory regardless of their extension. The only exception is that VShell will not check those files with names that begin with a period (.). For example, file.pub, key.exe, and xx.cer would be checked to see if they contain a valid key; however, .x.pub would not.

Configuring VShell Server to Recognize Your Identity File

In order to use public-key authentication, you must transfer the public-key file (*.pub) that you created with the OpenSSH key generator to the individual user's folder under the Publickey folder on the VShell server. For example:

C:\Program files\VShell\Publickey\%User%\id_dsa.pub

You can transfer the file in either ASCII or binary format.
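
Because VShell examines every file in the Publickey folder whose name does not begin with a period, any such file holding a valid key is a candidate for a match. The following Python script is an added example, not VanDyke's code: it lists the files in one user's folder that would be examined and fingerprints the keys found in them. The function names and the sample key are constructed for illustration, and it assumes keys are stored in OpenSSH's one-line format.

```python
import base64, hashlib, struct, sys
from pathlib import Path

def _ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used inside SSH key blobs."""
    return struct.pack(">I", len(data)) + data

def parse_openssh_pubkey(line: str):
    """Return (algorithm, fingerprint) for an OpenSSH one-line public key, else None."""
    fields = line.split()
    if len(fields) < 2:
        return None
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except ValueError:
        return None
    # The blob must start with the algorithm name given in the first field.
    if not blob.startswith(_ssh_string(fields[0].encode())):
        return None
    digest = hashlib.sha256(blob).digest()
    return fields[0], "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def audit_publickey_dir(folder):
    """Map each file VShell would examine to its key fingerprints (empty list if none)."""
    report = {}
    for path in sorted(Path(folder).iterdir()):
        # Per the note: every file is checked except names beginning with a period.
        if not path.is_file() or path.name.startswith("."):
            continue
        text = path.read_text(errors="replace")
        keys = [k for k in map(parse_openssh_pubkey, text.splitlines()) if k]
        report[path.name] = keys
    return report

# Constructed sample blob (not a usable key): "ssh-rsa", exponent 65537, dummy modulus.
SAMPLE_BLOB = (_ssh_string(b"ssh-rsa") + _ssh_string(b"\x01\x00\x01")
               + _ssh_string(b"\x00" + b"\xc3" * 256))
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode() + " user@example"

if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python audit_publickey.py <path to the user's Publickey folder>
    for name, keys in audit_publickey_dir(sys.argv[1]).items():
        print(name, keys or "no key found")
```

Compare the reported fingerprints with the output of ssh-keygen -l -f run against the public-key file you created; any file reporting a fingerprint you do not recognize should be investigated.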

Connecting to VShell Using OpenSSH

To connect to VShell using OpenSSH, start OpenSSH from the command line, using the following command:

ssh -i <pathname> <VShell hostname>

In this instruction, pathname is the path to the private-key file on the UNIX host that corresponds to the public key that was transferred to the VShell server.