Generate a public/private key pair
This scenario is suitable when creating a key pair from a self-signed certificate not certified by a CA signing authority.
Use
sshkeygen
to create an encrypted public/private key file:sshkeygen -p mypass > user_ppk.kvg
The resulting user_ppk.kvg file contains details such as the key type, encryption status, and creation timestamp.
Add the public key to the user's authorized_keys file; for exampe:
cat ~/.ssh/authorized_keys
After logging in the user, append "KeyType" [space] "PublickKey" into ~/.ssh/authorized_keys. It should look like:
rsa AAAAB3NzaC1yc2EAVAABJQAAAIEAqJQh1F6dyZcrUNWmvRtcuItLXsTDZqBjuw9vRMS2/9oalMEiKSu1T/ZlHdoQSxRDL8Utz+n5s08Xx/oYp/BbP\ te6vnbo0muL94aw0rf//jyWLsztVsXsiH+GbNXARt2H/v/ZYH0Bt1US3bXt5C2mV/I30nplDbdhEm1n6HtDSNU=
Configure
agtssh
to use the public/private key for authentication. Change the target address line to add the authkey option to user_ppk.kvg and copy the file into the script folder.For public key authentication, the adminid is used to decrypt the authentication key file and systempw isused to authenticate for sudo (if sudo is set in privileged escalation mode).