Generating public keys (linux) – Tripp Lite 93-2879 User Manual

Page 179

Advertising
background image

_____________________________________________________________________

B096-016 B096-048 and B092-016 User Manual

Page 179

OpenSSH, the de facto open source SSH application, encrypts all traffic (including passwords) to
effectively eliminate these risks. Additionally, OpenSSH provides a myriad of secure tunneling
capabilities, as well as a variety of authentication methods.

OpenSSH is the port of OpenBSD's excellent OpenSSH[0] to Linux and other versions of Unix.
OpenSSH is based on the last free version of Tatu Ylonen's sample implementation with all
patent-encumbered algorithms removed (to external libraries), all known security bugs fixed,
new features reintroduced and many other clean-ups.

http://www.openssh.com/

The only

changes in the SSH implementation are:

PAM support

EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are
absent from other versions of UNIX

The config files are now in /etc/config. e.g.

o /etc/config/sshd_config instead of /etc/sshd_config
o /etc/config/ssh_config instead of /etc/ssh_config
o /etc/config/users/<username>/.ssh/ instead of /home/<username>/.ssh/

Generating Public Keys (Linux)

To generate new SSH key pairs, use the Linux ssh-keygen command. This will produce an RSA or
DSA public/private key pair and you will be prompted for a path to store the two key files e.g.
id_dsa.pub (the public key) and id_dsa (the private key). For example:

$ ssh-keygen -t [rsa|dsa]
Generating public/private [rsa|dsa] key pair.
Enter file in which to save the key (/home/user/.ssh/id_[rsa|dsa]):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_[rsa|dsa].
Your public key has been saved in /home/user/.ssh/id_[rsa|dsa].pub.
The key fingerprint is:

28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$


It is advisable to create a new directory to store your generated keys. It is also possible to name
the files after the device they will be used for. For example:

$ mkdir keys

$ ssh-keygen -t rsa

Advertising
Popular Brands
Popular manuals