_____________________________________________________________________
B096-016 B096-048 and B092-016 User Manual Page 179
OpenSSH, the de facto open source SSH application, encrypts all traffic (including passwords) to
effectively eliminate these risks. Additionally, OpenSSH provides a myriad of secure tunneling
capabilities, as well as a variety of authentication methods.
OpenSSH is the port of OpenBSD's excellent OpenSSH[0] to Linux and other versions of Unix.
OpenSSH is based on the last free version of Tatu Ylonen's sample implementation with all
patent-encumbered algorithms removed (to external libraries), all known security bugs fixed,
new features reintroduced and many other clean-ups. http://www.openssh.com/ The only
changes in the SSH implementation are:
PAM support
EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are
absent from other versions of UNIX
The config files are now in /etc/config. e.g.
o /etc/config/sshd_config instead of /etc/sshd_config
o /etc/config/ssh_config instead of /etc/ssh_config
o /etc/config/users/<username>/.ssh/ instead of /home/<username>/.ssh/
Generating Public Keys (Linux)
To generate new SSH key pairs, use the Linux ssh-keygen command. This will produce an RSA or
DSA public/private key pair and you will be prompted for a path to store the two key files e.g.
id_dsa.pub (the public key) and id_dsa (the private key). For example:
$ ssh-keygen -t [rsa|dsa]
Generating public/private [rsa|dsa] key pair.
Enter file in which to save the key (/home/user/.ssh/id_[rsa|dsa]):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_[rsa|dsa].
Your public key has been saved in /home/user/.ssh/id_[rsa|dsa].pub.
The key fingerprint is:
28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$
It is advisable to create a new directory to store your generated keys. It is also possible to name
the files after the device they will be used for. For example:
$ mkdir keys
$ ssh-keygen -t rsa