Use the OpenSSH client key generation utility
Use the OpenSSH key generation utility to generate a key pair and convert the public key to the proper format. The steps vary depending on whether you use a default name (id_dsa or id_rsa) and location, or a non-default name or location, when you generate the key pair:
- Generate a key pair with a default name and location
- Generate a key pair with a non-default name or in a non-default location
Generate a key pair with a default name and location
When using public key authentication, the OpenSSH client by default looks for a private key named id_dsa or id_rsa in the $HOME/.ssh directory. On the system running the OpenSSH client, change directories to .ssh. If the .ssh directory does not exist, create it. Use the following command to create a key pair:
ssh-keygen -t <rsa or dsa>
Note: You must use the -t switch and specify a type, rsa or dsa. To see a list of available switches, use the command ssh-keygen -h, or check the man pages for more details.
The key generation utility will run for a few moments.
Once the utility has generated the key pair, you are prompted to enter a file and the path in which to save the key. Accept the default file name and path. You are then prompted to enter and confirm a passphrase. After entering a passphrase, the location and names of the private and public keys are displayed. For example:
Your identification has been saved in /export/home/user/.ssh/id_dsa.
Your public key has been saved in /export/home/user/.ssh/id_dsa.pub.
Now that you have created the key pair, proceed to the section that describes how to Convert the public key to the proper format – version 6.x only (for Windows only). If you are connecting between *nix machines, no conversion is required.
Convert the Key(s)
Download the PuTTYgen tool from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html and then launch it in Windows.
- Under parameters, select ssh2 rsa or dsa (depending on what you chose above when creating the key).
- Under Actions, click the Load button (next to the text “Load an existing private key file”) and navigate to where you saved the private key.
- Once the private key is imported, click “save private key”. It will be saved with a .ppk extension. The public key can stay in OpenSSH format.
Next, upload the public key to the intended Unix server, and save it in the proper directory with the right permissions. This would be: $HOME/.ssh/authorized_keys
The .ssh directory should have mode 0700 on it (owner has rwx, and everyone else has no access). The authorized_keys file should be 0644 (owner has rw, everyone else has r only).
Create SSH Tunnel with PuTTY
You may have a requirement to set up an SSH tunnel to encapsulate the data stream for security purposes. For example, you may wish to use IMAP through SSH for security, as IMAP sends its credentials over the network in plain text.
The first step (on Windows) is to download the PuTTY tool for making SSH encrypted connections. This is available from: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
After you download the putty.exe program, launch it and configure it as required. Refer to http://www.silvertree.org/smtp_tunnel.htm for an example.
Ensure the public key exists within $HOME/.ssh/authorized_keys. If the file doesn’t exist, create it. If it exists, check whether it already contains other keys. If other public keys exist, copy and paste the public key into that file.
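The server-side steps described above (placing the public key in authorized_keys alongside any keys already there, then setting the directory and file permissions) can be scripted. The following is an added example, not part of the original page; the function names install_pubkey, check_modes and perm_string are hypothetical, and it uses the permissions the text describes (owner-only rwx on .ssh; owner rw and read-only for everyone else on authorized_keys).

```sh
#!/bin/sh
# Added example; install_pubkey, check_modes, perm_string are hypothetical names.

# Print the 10-character permission string of a path, e.g. drwx------
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# install_pubkey <public-key-file> [home-directory]
install_pubkey() {
    pubfile=$1
    home=${2:-$HOME}
    sshdir=$home/.ssh
    authfile=$sshdir/authorized_keys

    [ -r "$pubfile" ] || { echo "cannot read $pubfile" >&2; return 1; }
    # Only the public half belongs on the server; refuse a private key file.
    if grep -q 'PRIVATE KEY' "$pubfile"; then
        echo "$pubfile looks like a private key, refusing" >&2
        return 1
    fi

    # Create directory and file under a tight umask so they are never
    # briefly writable by other users.
    ( umask 077; mkdir -p "$sshdir" && { [ -e "$authfile" ] || : > "$authfile"; } ) || return 1

    # If the existing file lacks a final newline, add one so the new key
    # is not glued onto the last existing key.
    if [ -s "$authfile" ] && [ -n "$(tail -c 1 "$authfile")" ]; then
        echo >> "$authfile"
    fi

    # Append each key line unless that exact line is already present:
    # existing keys are kept and re-running adds no duplicates.
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        grep -qxF -- "$line" "$authfile" || printf '%s\n' "$line" >> "$authfile"
    done < "$pubfile"

    chmod 700 "$sshdir"        # owner rwx, no access for anyone else
    chmod 644 "$authfile"      # owner rw, everyone else read-only
}

# Succeeds only if both paths carry the modes described in the text.
check_modes() {
    home=${1:-$HOME}
    [ "$(perm_string "$home/.ssh")" = "drwx------" ] &&
        [ "$(perm_string "$home/.ssh/authorized_keys")" = "-rw-r--r--" ]
}
```

Run install_pubkey on the server as the account that will accept the login, passing the uploaded .pub file; check_modes can then be used to audit an existing account.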