Generating key pairs for SSH 2.0

Generating key pairs for SSH 2.0 requires generating an RSA key pair and a DSA key pair.

Considerations

If you use SSH 2.0 clients other than OpenSSH, you might have to edit the public key before you can use it.

Steps

Using your SSH 2.0 client, generate an RSA key pair.
Your client generates the RSA key pair, a public key and a private key, and stores them on the client.
Using your SSH 2.0 client, generate a DSA key pair.
Your client generates the DSA key pair, a public key and a private key, and stores them on the client.
Copy the generated public key to the storage system default directory and append it to the /etc/sshd/user_name/.ssh/authorized_keys2 file.

Example generating RSA and DSA key pairs

The following is an example of generating RSA and DSA key pairs with an OpenSSH UNIX client.

% ssh-keygen -t rsa -b 1024
Generating public/private rsa key pair.
Enter file in which to save the key (/u/john/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /u/john/.ssh/id_rsa
Your public key has been saved in /u/john/.ssh/id_rsa.pub
% ssh-keygen -t dsa -b 1024
Generating public/private dsa key pair.
Enter file in which to save the key (/u/john/.ssh/id_dsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /u/john/.ssh/id_dsa
Your public key has been saved in /u/john/.ssh/id_dsa.pub

In this example, the id_rsa.pub and id_dsa.pub files are the public-key files that you copy to the storage system root volume.

The following commands append the public keys to the /etc/sshd/user_name/.ssh/authorized_keys2 file on storage system sys1:

% mount sys1:/ /mnt_sys1
% cat id_rsa.pub >> /mnt_sys1/etc/sshd/john/.ssh/authorized_keys2
% cat id_dsa.pub >> /mnt_sys1/etc/sshd/john/.ssh/authorized_keys2

Parent topic: Public-key-based authentication