SSH public key authentication

Use existing keys

If you already have an SSH public key, it is not necessary to generate a new one. In the instructions below, skip the steps for generating keys, and instead use your existing key in the steps for installing them at Panix.

Generating your keys using Linux, *BSD, Mac OS 10.x, Linux subsystem for Windows, etc.

In a terminal on your machine, run the program ssh-keygen. If your OS isn't ancient, you should be able to use an ED25519 key, which is the preferred type:

   ssh-keygen -t ed25519
If you get an unknown key type error, you can use RSA keys instead:
   ssh-keygen -t rsa
For more options, see the ssh-keygen man page.

ssh-keygen will ask for an optional password for the key. We strongly recommend using a password on the key, even if you are the only user of your machine.

ssh-keygen will have created 2 files in the ".ssh" directory on your machine: "id_ed25519" (or "id_rsa") and "id_ed25519.pub" (or "id_rsa.pub").

To use your keys with Panix shell hosts, put the contents of the .pub file in the file "authorized_keys" in the .ssh directory of your Panix account.

To use your key with Panix V-Colos, you can paste the contents of the .pub file into the "SSH Public Keys" text box during OS installation. By default, we will use the SSH key you've set up for console access (see next paragraph). If you installed the OS already without configuring an SSH key, you'll need to log in to your V-C by some other means and then add the .pub key to your user's .ssh/authorized_keys file.

To use your key for your V-Colo console (which will also establish the default key for future V-C OS installations), go to our configuration console and paste your .pub key in there.

Generating and installing your keys using PuTTY on Windows

ED25519 or RSA keys may be generated with the program PuTTYgen.exe, included with the normal PuTTY installation. This is a GUI program. At the bottom of the PuTTYgen window, select ED25519 as the key type. If ED25519 isn't available, you can choose RSA (not SSH-1 (RSA)), but we strongly recommend upgrading to a more recent version that supports ED25519. You may add an optional password to protect the key, and we strongly recommend doing so. Then click the Generate button, and move the mouse around. The program uses mouse movements to generate randomness.

Once generation is completed, the public key will appear in the window. Click 'Save private key'. Copy the public key displayed in the window. Then:

In the main PuTTY screen, scroll down and click on the SSH category. Select the 'Auth' option. Where it says 'Private key file for authetication', click Browse, and select the key file you just created (probably id_ed25519.ppk, unless you named it something else when you saved the key).

Go back to the Session item, select your Panix session configuration, and click 'Save'.



Last Modified:Monday, 16-Sep-2019 17:05:47 EDT
© Copyright 2006-2020 Public Access Networks Corporation