Topic - Summary of SSH client authentication using a public key

This page summarizes the information about SSH client authentication using a public key. Click Next to return to the topics page of this section.

• Public key authentication for SSH requires a user id and a public-private key pair. The SSH server must be configured with the public key. The SSH client must be configured with the public key and the private key.

• The steps in configuring a VT Display session for SSH client authentication using public key authentication are:
  1. Use keytool to generate a public-private key pair.
     • keytool is included in the Java 1.4 JRE and is distributed with Host On-Demand.

  2. Use the Export Public Key utility to extract the public key from the keystore into a separate file.
     • The Export Public Key utility is integrated with the SSH configuration window for the VT Display session configuration.

  3. Configure the SSH server with the public key.
     • Each SSH server has different requirements. Consult the system administrator for the SSH server that you intend to use.

  4. Copy the keystore containing the public-private key pair to the workstation for the SSH client.
     • Use the same file path and name on the workstation as you intend to specify in the KeyStore File Path field of the SSH configuration window.

  5. Configure the SSH configuration window for client authentication using a public key.
     • In the fields of the SSH configuration window, you can either specify a value or leave the field blank. If you leave the field blank, Host On-Demand uses a default value when the end user starts the session.

• If public key authentication is not working, check the list of troubleshooting suggestions.

• The flexibility of the SSH configuration for Host On-Demand allows you to create one VT Display session profile for many users, multiple client platforms, or multiple user ids.