A quick post on how to setup a public-key authentication on an SSH client server, product by SSH Tectia.

Summary: User instruction on how to setup public-key authentication.

In setting up the ssh public-key authentication between servers, local and remote, we have to generate the key pairs and transfer it to the remote/server.

Client Side

The publickey authentication method is enabled by the SSHtectia package by default. A functional ID’s key pair can be generated using the ‘generate_keys’ script (may be located in /export/opt/SSHtectia//util/ or depending on your installation). That script, ‘generate_keys’, is use to generate user key pairs: id_dsa_2048_a and id_dsa_2048_a.pub (default names) in the centralized key location:

/etc/opt/SSHtectia/keys/

The script also creates an ‘identification’ file in /etc/opt/SSHtectial/keys/ that contains the name of the private keys:

# more identification
# SSH Tectia private key
IdKey /etc/opt/SSHtectia/keys/%U/id_dsa_2048_a

# OpenSSH private key
IdKey /etc/opt/SSHtectia/keys/%U/id_dsa

Don’t forget to substitute the private key filename for ‘id_dsa_2048_a’ or ‘id_dsa’ if you are using a different naming convention. If several key pairs are used, list private keys on a separate lines.

Server Side

The publickey authentication method is enabled for functional IDs ONLY by the SSHtectia package (how do we know if an account is such?).

Copy the public key file (i.e. id_dsa_2048_a.pub) to the server, to the centralized key location. You can use sftp, copy paste or any other method to do this.

Also copy the ‘authorization’ file (created by the ‘generate_keys’ script) from the cliet to the server’s centralized key location.

Test the connection.. it should work.. It worked on mine.