How Can I Setup SSH With Public Key Authentication?

Knowledgebase » SSH access» How can I setup SSH with public key authentication?
Unix, Linux and Mac OS X users

Openssh is probably already installed on your Unix, Linux, or Mac OS X host computer. It is available from your operating system vendor, or here.

1. At the shell prompt on your computer, type: ssh-keygen -b 2048 -t dsa

This will generate a 2048 bit RSA key pair.

2. It will prompt you for the location to save the key; Just hit Enter. Answer yes if it asks if you want to overwrite

3. It will then prompt you to enter a passphrase. Enter a passphrase of at least 5 characters. What you type will not be displayed.

4. Then create the .ssh folder on the server if it doesn't already exist and transfer the public key to the server.

ssh [remote-username]@[host] mkdir -p ~/.ssh
scp ~/.ssh/id_rsa.pub [remote-username]@[host]:.ssh/authorized_keys

To use the key: if your username matches on both machines, at your shell prompt, type: ssh [host]
If your usernames are different: ssh [remote-username]@[host]
If you do not provide a remote username, your local username is assumed. If key authentication fails, you'll automatically be prompted for your passsword.

Windows users

As SSH client in Windows environment we recommend Putty. Putty is available here - you will need putty.exe and puttygen.exe

1. Start puttygen. Select SSH2 DSA. Change Number of bits from 1024 bits to 2048 bits for better security. Then click Generate.

2. Move the mouse around inside the Putty Key Generator window until the bar fills up.

3. Wait for the program to generate the key... it may take several minutes.

4. Once it is complete, you can add or change the key comment, as well as add a passphrase (recommended).

5. Click "Save private key" and save it some place safe.

6. Right click the large box that has text starting with "ssh-dss", click Select All. Right click the box again, and click Copy.

7. You may now close the PuTTY Key Generator and start Putty.

8. Connect to your SSH server, and type the following:

mkdir -p ~/.ssh
vi ~/.ssh/authorized_keys

Press a (lowercase a) and right click the PuTTY window. The ssh-dss text will be pasted in. Press ESC followed by ZZ (that's pressing capital Z twice).

Alternatively, you can place the public key in ~/.ssh/authorized_keys using FTP or SFTP.

9. To use public key, start PuTTY, click Auth under SSH category in PuTTY, and click Browse... to choose the private key file. You may then go back to Session and click Save to save the changes to your session.