Skip to content

Public Key Access for native SSH clients

Concepts

Native SSH client access supports public key authentication of the application user to the SSH Proxy as an alternative to the password authentication.

Public key authentication to SSH Proxy carry the following benefits

  • Increase Security. When using private keys to authenticate, there is no need to transmit passwords over the network. And because the private key is kept on your local machine, it is less vulnerable to interception or attack.

  • Better Access Control. SSH keys can control access to servers and applications by restricting access only to authorized users with the corresponding private key.

  • Convenience. SSH keys can be more convenient and increase users’ productivity. Whilst the recommended practice is to encrypt keys with a unique passphrase.

  • Automation. SSH keys can be used in scripts and automation tools to automate tasks that require logging into a remote server. This can make managing and maintaining servers and applications easier and reduces the risk of a password being exposed.

How to use

First, generate SSH private and public key pair in the same way they are generated to use for ssh servers to access Unix, Linux or other network devices devices. For example use the following command to generate 4096 bits RSA key (optionally specify the password protecting the private key)

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

This command will generate the following files in the .ssh folder of the user home directory

  • id_rsa private key
  • id_rsa.pub - public key

Second, upload the public key id_rsa.pub to the authorized keys management on the 12Port Server

Authorized Keys

Finally, use regular SSH Proxy commands to access SSH Proxy with the native client using the public key authentication

ssh -i ~/.ssh/id_pub user@pam.example.com

Refer to the documentation of your native client for details of key pair generation, storage and utilization.