How do I configure Public Key authentication?

How do I configure Public Key authentication?

Public Key authentication is not to be confused with PKI. There is no infrastructure here and no certificates either. Still it can be a useful technique.

To use Public Key authentication the user must have a permanent Unix account on the AppGate server. Bring up the user's account info (Administration->"User Accounts"->"Local Accounts" and click on the user). Under the Misc tab there is a check box "Unix account" that needs to be checked.

Next you must generate a Public Key pair. This can be done by going to Administration->"User Accounts"->"Local Accounts" and click on the user. Make sure "Public key" is checked and the click on "Create key pair". You'll be prompted for a password to protect the key, this may be left empty if needed. Then you'll be prompted to save the private key part on your computer, the standard file name (which is used through-out this guide) is id_rsa.

On the client side you should select Public Key as your authentication method. If you are using the AppGate client you can select the id_rsa file in the "Open Connection"->"Properties" dialog, if you use a standard ssh client you will typically give it like: 

ssh -i id_rsa  user@appgate.server

If things does not work you can run the sshd deamon on the AppGate server in debug mode.

  1. Become root Run the command

  2. /opt/APPGserv/sbin/sshd -d -d -p 222
    You can add more -d if you want more verbose output.

  3. In the client change the port to 222 and connect.

 

Updated 2008-12-17 14:41 Copyright © 2002-2009 AppGate Network Security AB. All rights reserved.
Legal notice 		Contact AppGate Network Security
Comments to the webmaster