SSH keys are a public/private key pair that allows login to an SSH daemon (sshd) without using a password. SSH keys are generated using the
ssh-keygen program on Linux/Unix/ macOS/Cygwin, or with PuTTYgen on Windows.
Note: Loading your SSH public key into the RCF/ACF LDAP server, as described in these pages, will only allow you to log in to the RACF gateway machines. You will no longer automatically get your Kerberos and AFS tokens. It is recommended that you run the
kinit program on the gateway machine as
kinit -5 -4 -l 7d (the third argument is a lower-case L) to obtain your Kerberos and AFS tokens. You can then proceed to login to an internal machine at the facility. An alternative would be to copy your public key to the
authorized_keys file in the
.ssh directory in your NFS home directory in the facility. Adding your public key to the file will allow you to log in to the internal machines, but you will not have your Kerberos or AFS credentials.
Note: SSH keys are checked within the sshd program itself, thereby taking precedence over the other authentication methods.
When fully implemented, CryptoCards authentication will automatically obtain Kerberos and AFS tokens and tickets.