Black Box LES1348A Public key to refer to either idrsa.pub or iddsa.pub, Authorized Keys

For simplicity going forward, the term private key will be used to refer to either id_rsa or id_dsa and

public key to refer to either id_rsa.pub or id_dsa.pub.

To generate the keys using OpenBSD's OpenSSH suite, we use the ssh-keygenprogram:

$ ssh-keygen -t [rsadsa]

Generating public/private [rsadsa] key pair.

Enter file in which to save the key (/home/user/.ssh/id_[rsadsa]):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/user/.ssh/id_[rsadsa].

Your public key has been saved in /home/user/.ssh/id_[rsadsa].pub.

The key fingerprint is:

28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server

$

It is advisable to create a new directory to store your generated keys. It is also possible to name the files after the device they will be used for. For example:

$ mkdir keys

$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/user/.ssh/id_rsa): /home/user/keys/control_room Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/user/keys/control_room Your public key has been saved in /home/user/keys/control_room.pub. The key fingerprint is: 28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server

$

You should ensure there is no password associated with the keys. If there is a password, then the console servers will have no way to supply it as runtime.

Authorized Keys:

If the console server selected to be the server will only have one client device, then the authorized_keys file is simply a copy of the public key for that device. If one or more devices will be clients of the server,

_____________________________________________________________________