Enabling SSH public key authentication on SmartZone controllers restricts admin SSH access of the controller to a specific PC/ user device. The addition of Public Key - private key pairs enhances security when compared to the username-password combination.
Here are the steps to enable SSH public key authentication on 6.x and above SZ/ vSZ controllers:
- Download the whole putty suite, which includes Putty, Puttygen and Pageant.
- Generate public key and private key pair using Puttygen. ECDSA is the preferred digital signature algorithm for the SZ controller
3. Generate the keys by moving the cursor over the mentioned area.
4. Copy the public key generated to a notepad file and save the private key to your PC. The public key could also be saved as a file.
5. Take a GUI session to the SZ > Administration > Admins and Roles > Administrators> choose domain > select an existing administrator name (“admin” used in this case) > click configure > expand “SSH Keys”> click import > paste public key from step 4 here.
6. Under Administration > Admin and Roles > Account Security > Global security > Set SSH authentication method to Public Key or Password.
7. Open Putty Pageant > Find pageant on the task bar as shown:
8. Right click on the Pageant icon and select “add key”> choose the private key that was saved to the PC (from step 4).
9. Once the private key has been successfully added to Pageant, open a new Putty window > choose SSH > enter the IP of the controller > use “admin” as username. The SSH session would not prompt for password and directly go ahead with authentication, as shown below: