Security: SSH

Overview

SSH allows secure file transfer and remote logins over the internet. Your connection via SSH is encrypted for a secure connection. You can manage your SSH keys to allow automation when logging in via SSH. Using public key authentication is an alternative to password authentication. Since the private key must be held to authenticate, it is virtually impossible to brute force. You can Import existing keys, generate new keys, as well as manage/delete keys.

SSH (Secure Shell) is a program to log into another computer/server over a network securely. It provides strong authentication and secure communications over insecure channels. Your login, commands, text are all encrypted when using ssh.

Manage SSH Keys

Steps
  1. Click on the Generate a new Key link.
  2. Set the following:
    • Key Name - Enter the key name you want to use. It can be anything specific to your personal preferences. (If you leave this option empty, it will default to key name "id_dsa").
    • Key Password - Enter a password you want to use for this key. You can leave this option blank if you do not want to use a password.
    • Key Type - Select either DSA or RSA from the drop down menu. RSA and DSA are encryption algorithms used to encrypt your key. DSA is faster for Key Generation and Signing and RSA is faster for Verification.
    • Key Size - Select the key size you want to use for this key. Your choices include (1024, 2048, 4096).
  3. Click on the Generate Key button.
  4. If the key has been generated successfully, you will see a pop-up appear stating "Key Generation Complete!" Click on the OK button.
  5. Click on the Go Back link.
  6. When the page loads, you will see a "Public Keys" table with your newly public key containing the following information, split into three columns:
    • Name - This entry will be the Key name you chose in Step 2 above.
    • Authorization Status - If your key has not been authorized, it will state "not authorized" in this column. To authorize your key, follow the instructions in the "Manage Authorization" section below.
    • Actions - You have three choices:
      • Delete - Click on this link to delete the key.
      • View/Download - Click on this link to view or download the key.
      • Manage Authorization - Click on this link to authorize your key. Once the page loads, click on the "Authorize" button. You should receive a confirmation stating "KEY_NAME has been Authorized." Click on the "Go Back" link. Now when you view the Public Keys table, you should see "authorized' in the "Authorization Status" column for your new key.
  7. In addition to the "Public Keys" table, you will also see a "Private Keys" table with your newly public key containing the following information, split into two columns:
    • Name - This entry will be the Key name you chose in Step 2 above.
    • Actions - You have three choices:
      • Delete - Click on this link to delete the key.
      • View/Download - Click on this link to view or download the key.
  8. Now that you have created a new key, review the following information:

The public and private key are similar to a puzzle. They are created together to use during the login/authentication process. The public key resides on the server (the remote location) The private key resides locally on your computer/server. When you attempt to login to a server, the public and private key are compared. If they "match", then you will be allowed to login to the server location.

You can download the private/public keys here and import into PuTTY (or other SSH clients) if you prefer using something else for SSH connections. Or, if you have been using PuTTY, you can import the public/private keys by click on Import Key. You can also download your key in PuTTY's ppk format under View/Download.

  1. Click on the Go Back link.

Java SSH Login

When using the Java SSH clients, you have your choice of two types of clients:

  • Connect using SSHTerm - SSH Term allows you to connect through public key or password authentication without downloading any software. Public key authentication require you to have a copy of your private key locally. This can be obtained by following the instructions in the "Manage SSH Keys" above.
  • Connect using Java Telnet Applet - Java Telnet Applet allows you to connect using password authentication without downloading any software.

To use either client, click on the appropriate link.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

GnuPG Keys

Overview GnuPG is a publicly available encryption scheme that uses the "public key"...

Security: HotLink Protection

Overview HotLink protection prevents other web sites from directly linking to files (as...

Security: IP Deny Manager

Overview The IP Deny Manager will allow you to block a range of IP addresses to prevent...

Security: Leech Protect

Overview Leech Protect allows you to prevent your users from giving out or publicly...

Security: Password Protect Directories

Overview Password protection allows you to require a username and password to access a...