305
1.877.877.2269
BLACKBOX.COM
NEED HELP?
LEAVE THE TECH TO US
LIVE 24/7
TECHNICAL
SUPPORT
1.877.877.2269
CHAPTER 16: ADVANCED CONFIGURATION
The config files are now in /etc/config/. For example:
/etc/config/sshd_config not /etc/sshd_config
/etc/config/ssh_config not /etc/ssh_config
/etc/config/users/<username>/.ssh / not /home/<username>/.ssh/
16.6.2 GENERATING PUBLIC KEYS (LINUX)
To generate new SSH key pairs use the Linux ssh-keygen command.
This produces an RSA or DSA public/private key pair. You will be prompted for a path to store the two key files: id_dsa.pub (the public
key) and id_dsa (the private key). For example:
$ ssh-keygen -t [rsa|dsa]
Generating public/private [rsa|dsa] key pair.
Enter file in which to save the key (/home/user/.ssh/id_[r|dsa]):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_[r|dsa].
Your public key has been saved in /home/user/.ssh/id_[r|dsa].pub.
The key fingerprint is:
28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$
It is advisable to create a new directory to store your generated keys. It is also possible to name the files after the device they will be
used for. For example:
$ mkdir keys
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key: ~/keys/control_room
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in ~/keys/control_room
Your public key has been saved in ~/keys/control_room.pub.
The key fingerprint is:
28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$
There must be no password associated with the keys. If there is a password, Black Box devices will have no way to supply it at
runtime.
Full documentation for the ssh-keygen command can be found at http://man.openbsd.org/OpenBSD-current/man1/ssh-keygen.1.
