HP-UX HB v13.00 Ch-10 - Network Services
HP-UX Handbook – Rev 13.00 Page 22 (of 26)
Chapter 10 Network Services
October 29, 2013
The two most common, Password and Public-Key, will be considered in this document.
Password authentication is simple and should work with no configuration set up. Although a
password is sent across the network it is not sent in clear text as in the case of telnet or rlogin or
ftp.
Public-Key authentication is set up by means of generating a mathematically related
Private/Public key pair on the ssh client. The client must keep the Private key secret but the
Public key can be freely distributed.
The scenario goes like this: the ssh client sets up a key pair in the $HOME/.ssh subdirectory of
the user who wants login access to the sshd server using the ssh-keygen command and then
transfers the Public key to the $HOME/.ssh directory of the desired user and then appends the it
to the authorized_keys file.
The user is prompted for the location to save the Private/Public key pair, and then the user must
decide whether to provide a passphrase. If none is given here, all future authentication is without
password provided. This makes ssh suitable for secure non-interactive file transfers and tasks;
however, there it is slightly less secure than providing the passphrase and changing it every so
often.
# ssh-keygen
Generating public/private rsa key pair.
Please be patient.... Key generation may take a few minutes
Enter file in which to save the key (//.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in //.ssh/id_rsa.
Your public key has been saved in //.ssh/id_rsa.pub.
The key fingerprint is:
60:b4:22:fa:1e:03:ff:20:9d:12:4e:99:e1:82:b7:bc root@host
The key's randomart image is:
+--[ RSA 2048]----+
| . |
| . . |
| .. . + |
|o.+. o . |
|*=. S |
|+O o |
|o.@ |
| + * |
| E . |