SSH authentication using a public key

The SSH protocol and the LCOS-internal SSH server support two different authentication mechanisms:

  1. Interactive by entering a user name and password at the keyboard;
  2. Automated by submitting a public key

In the public key method, a key pair is used that is made up of a private and public key – a digital certificate. The private part of the key pair is saved on the client or with the user (frequently protected with a password, also known as a passphrase); the public part is loaded into the device. By definition, private keys cannot have predefined default values. For this reason, your device in its factory settings only supports interactive authentication by means of access credentials.

The following sections describe how to generate your own SSH key and implement authentication using a public key. For this example we are using LANconfig and the free SSH client PuTTY along with its associated utility PuTTYgen, which is used to generate the necessary key pair. Although PuTTY is available for the Windows and Linux operating systems the following description, like LANconfig, is limited to Windows.

Note: Your device supports RSA, DSA, and DSS keys. RSA keys are somewhat smaller, thereby allowing somewhat faster operation. Further information about the keys mentioned here is available from VPN chapter of the Reference Manual in section Working with digital certificates.

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo