Georgia SoftWorks

Public/Private Key Creation and Use

Public / Private Key Introduction

Public key authentication is far more secure than passwords and provides exceptional usability benefits. The cryptographic strength of the recommended and trustworthy algorithms are superior to even the longest passwords. The user does not have to remember a password and Public Key Authentication provides automatic logon capabilities. The benefits are substantial.

When using this type of authentication, the entity (SSH client software) being authenticated has a public key and a private key. The private key is kept on the client, while the public key is stored on the server.

In this example we will generate a Public/Private key pair, install the private key on the client and the public key on the server. We also map the public key to a Windows user account, which provides automatic logon on.

Creating a Public / Private Key

There are a multitude of tools available to generate a Public/Private key pair, many at no cost. In this example we will use PuTTYgen to create a public and private key.

  1. Download PuTTYgen. Click on the PuTTYgen executable.
  2. Select the SSH-2 RSA radio button, near the bottom of the window.
  3. Create a key set by clicking on the “Generate” button.

  4. Randomly move the mouse pointer in the open area under the progress bar, until the progress bar completes.

  5. Once the progress bar completes, create an optional key Passphrase1.

  6. Click Save public key and give it a descriptive file name and location to be stored.

  7. Click Save private key and give it a descriptive file name and location to be stored. You may now close the PuTTYgen tool.

You have now create the public/private key pair. The next step is to install the public key on the server and the private key on the client.

Install Public Key on the Server and Map to Windows User Account

  1. Open the Public key you created with notepad or a simple text editor.
  2. Copy the highlighted area as shown below to your clip board. Do not include the leading and trailing description tags.

    ---- BEGIN SSH2 PUBLIC KEY ----Comment:"rsa-key-20160621"

    ---- END SSH2 PUBLIC KEY ----
  3. On the Georgia SoftWorks UTS server, go to Start > All Programs > Georgia SoftWorks UTS > Certificate Mapping Tool for GSW SSH Shield
  4. Expand Public Key Mapping, and select 1-to-1. Next click Add.

  5. Click Enable this mapping and paste the clip board data into the Public key area. Fill out the rest of the fields below.

  6. Click OK, and click Apply. You should now see the mapping you created.

  7. The changes will not take effect until the Georgia SoftWorks SSH Shield service is restarted. Click Yes to restart SSH or No if you intend to restart later.

Watch: Public/Private Key Creation and Use

Your browser doesn't support HTML5 video.

The new value will take effect when the GSW SSHD service is restarted

Back to SSH Server FAQ

Document Number: FAQ-SSH-EX028001081519