Creating key pairs for key-based login with the TADDM server

You can create a public/private key pair using the Secure Shell protocol (SSH) for key-based login with the TADDM server.

Depending on the version of SSH that you are using, SSH key-based login uses the keys shown in Table 1:

Table 1. SSH keys
SSH Version/Algorithm Private Key Public Key
Openssh/SSH2/RSA $HOME/.ssh/id_rsa $HOME/.ssh/id_rsa.pub
Openssh/SSH2/DSA $HOME/.ssh/id_dsa $HOME/.ssh/id_dsa.pub
Openssh/SSH1/RSA $HOME/.ssh/identity $HOME/.ssh/identity.pub
Commercial/SSH2/RSA $HOME/.ssh2/id_dss_1024_a $HOME/.ssh2/id_dss_1024_a .pub

You can also generate a public/private key pair using OpenSSH, version 2. To generate a public/private key pair using an SSH program other than OpenSSH or another version of OpenSSH, refer to the SSH documentation.

To generate a public/private key pair using OpenSSH, version 2, complete the following steps:

  1. Log in as the owner of the TADDM server.
  2. To generate the SSH key, enter the following command: 
    $ ssh-keygen -t rsa

    Accept the command defaults. TADDM supports key pairs with or without a passphrase.

  3. On each target computer system where you want to allow for a key-based login, insert the contents of the id_rsa.pub file into the $HOME/.ssh/authorized_keys file for the service account.
    Certain SSH2 implementations generate the keys in a directory other than $HOME/.ssh. If your SSH implementation generates the keys in a different directory or with a different name, copy, link, or move the private key file to the $HOME/.ssh/id_rsa or $HOME/.ssh/id_dsa directory, depending on the algorithm.