Public/Private Key Creation and Use

Public/Private Key Creation and Use 1
Public / Private Key Introduction 1
Creating a Public / Private Key 2
Install Public Key on the Server and Map to Windows User Account 5

Public / Private Key Introduction

Public key authentication is far more secure than passwords and provides exceptional usability benefits. The cryptographic strength of the recommended and trustworthy algorithms are superior to even the longest passwords. The user does not have to remember a password and Public Key Authentication provides automatic logon capabilities. The benefits are substantial.

When using this type of authentication, the entity (SSH client software) being authenticated has a public key and a private key. The private key is kept on the client, while the public key is stored on the server.

In this example we will generate a Public/Private key pair, install the private key on the client and the public key on the server. We also map the public key to a Windows user account, which provides automatic logon on.

Creating a Public / Private Key

There are a multitude of tools available to generate a Public/Private key pair, many at no cost. In this example we will use PuTTYgen to create a public and private key.

Download PuTTYgen. Click on the PuTTYgen executable.
Select the SSH-2 RSA radio button, near the bottom of the window.
Create a key set by clicking on the “Generate” button.

Figure 1: Puttygen Tool for Creating Public/Private Key Pair
Randomly move the mouse pointer in the open area under the progress bar, until the progress bar completes.

Figure 2: Puttygen Tool Uses Mouse-Movement to Create Randomness for Key Creation
Once the progress bar completes, create an optional key Passphrase¹.

Figure 3: Puttygen with Generated Key
Click Save public key and give it a descriptive file name and location to be stored.
Click Save private key and give it a descriptive file name and location to be stored. You may now close the PuTTYgen tool.

You have now create the public/private key pair. The next step is to install the public key on the server and the private key on the client.

Install Public Key on the Server and Map to Windows User Account

Open the Public key you created with notepad or a simple text editor.
Copy the highlighted area as shown below to your clip board. Do not include the leading and trailing description tags.

---- BEGIN SSH2 PUBLIC KEY ----Comment:"rsa-key-20160621"
AAAAB3NzaC1yc2EAAAABJQAAAQEAqqX23vaw7ufsRG2C2RocBfheennpjCLlssgn
zIZMeEa0iIeaNZxwvmlwHokVzY94kvGkMpHcTqUUVAlxifEvgVDthvrHJWiUzN+7
UZh60XI4g1N+rGag/L/KMQ2ZydQ+eI7iBLq+Fia45k+/fcGZZmDRjHf+rpROpS72
i5ic2ayIC4bgSEEvlzO6dGLTldjzDQO1JiHI5REyia3NmfiSdRaAMHLemutYypkV
tXctAWx+aSZo5vIjJ+k/ByFpzQjwpSiLuXEcn+eidDl7ocw2Ely1oqbVjNcqePoo
Vuq525YEsLkR6XPvoRxJaHzWRQH0911VhJBRZ5Els+DezmGhCQ==
---- END SSH2 PUBLIC KEY ----
On the Georgia SoftWorks UTS server, go to Start > All Programs > Georgia SoftWorks UTS > Certificate Mapping Tool for GSW SSH Shield
Expand Public Key Mapping, and select 1-to-1. Next click Add.

Figure 4: Certificate Mapping Tool
Click Enable this mapping and paste the clip board data into the Public key area. Fill out the rest of the fields below.

Figure 5: Mapping an Account to a Public Key
Click OK, and click Apply. You should now see the mapping you created.

Figure 6: Certificate Mapping Tool – Public Key Mappings
The changes will not take effect until the Georgia SoftWorks SSH Shield service is restarted. Click Yes to restart SSH or No if you intend to restart later.

Figure 7: Certificate Mapping Tool Dialogue Box

Watch: Public/Private Key Creation and Use

Your browser doesn't support HTML5 video.

The new value will take effect when the GSW SSHD service is restarted

Public/Private Key Creation and Use

Public / Private Key Introduction

Creating a Public / Private Key

Install Public Key on the Server and Map to Windows User Account

Products

Legal

Support

Payments

Media

About GSW section

Contact Us

Address