SSH login with public/private key authentication

To connect to Airlock Gateway using SSH with public key authentication, log in with the root user. The password for the root user is defined during installation. The following sections explain how to use SSH public key authentication with two commonly used tools: PuTTY and OpenSSH.

PuTTY (recommended for Windows platforms)

Creating a public and a private key for SSH access with PuTTY

  1. Start the PuTTY Key Generator.
  2. As Type of key to generate, select RSA.
  3. Click the Generate key.
  4. Move the mouse cursor within the window to create a random string of characters.

  5. The resulting key may look as follows:

  6.  
    Terminal box
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCIdQUMy+Gi5sIUU3fOYgY1pHpi27nzjzJfhn4MVjDvemMy5s9ObMqOSZtflcuGHr2y89YqFlfRIAs4/zrog4Wr7bInjQ+3TA8/jGSFDDr4yKBdL8oHvlpZsrziNeMkrDsb9OMMeHndpRB7PmjuN/TzA3h766zaKx7UNbbKie0jAboD80eEszJcjNiwi7QdEjyXXMLCCzfic1UcCvoUlr6rEmY8hQE3FExRJMqh8l8z7DOrneVsOr8USnZ0hNSt28NpN/HCi6QfzJLZddqgO+aGHaNV0I11LobGH1S4YHQeR5QV2CBsNjd8tUP4W/8S1uc8Dp5qlnB4fWyyfkNtBF8T rsa-key-20250909

  7. Note: The complete encoded key must consist of one single line without line breaks.

  8. Define a Key passphrase.
  9. Save the private key as id_airlock.ppk.
  10. Save the public key as id_airlock.

Importing the public key to Airlock Gateway

  1. Start the PuTTY client.
  2. Connect to the Airlock Gateway server using your credentials.
  3. Append the public key to the file authorized_keys file on Gateway:
  4.  
    Terminal box
     % echo 'ssh-rsa ...' >> .ssh/authorized_keys

You can add as many different public keys as needed into the same file (for access by different users). Each key must consist of one single line without line breaks.

Establishing an SSH connection with the private key

  1. Start the PuTTY Configuration tool.
  2. In the navigation tree, go to:
    Connection >> SSH >> Auth >> Credentials
  3. Click the Browse button.
  4. Select the id_airlock.ppk file.
  5. Go to the Session category at the top of the navigation tree.
  6. Enter the hostname or IP address of the Airlock Gateway in the Host Name field.
  7. Optional: Under Saved Sessions, enter a session name and click the Save button to avoid repeating the configuration.
  8. Click the Open button to start the connection.
  9. When prompted, enter the passphrase for the private key.

  10. Note: If the format of the public key file is invalid, PuTTY falls back to password authentication.

Alternative: Establishing an SSH connection using Pageant (the PuTTY authentication agent)

  1. Start Pageant.
  2. In the taskbar, right-click the Pageant tray icon and select Add Key.
  3. Import the private key.
  4. Keep Pageant running.

When you start PuTTY to connect to Airlock Gateway, it automatically logs in.

Optional: Exporting the private key to OpenSSH format for use with other tools

  1. Start the PuTTY Key Generator.
  2. Import the id_airlock.ppk file.
  3. In the Conversions menu, select Export OpenSSH Key.

OpenSSH (recommended for Unix/Linux platforms)

Enabling public/private key-based SSH access with OpenSSH:

  1. Create the ssh user directory on your client machine (if it does not exist):
  2.  
    Terminal box
    % cd ~
    % mkdir -p .ssh
    % chmod 700 .ssh
    % cd .ssh
  3. Generate a public/private key pair (type RSA):
  4.  
    Terminal box
    % ssh-keygen -t rsa -C "Airlock access for $USER" -f id_airlock

  5. The resulting key may look as follows:

  6.  
    Terminal box
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCIdQUMy+Gi5sIUU3fOYgY1pHpi27nzjzJfhn4MVjDvemMy5s9ObMqOSZtflcuGHr2y89YqFlfRIAs4/zrog4Wr7bInjQ+3TA8/jGSFDDr4yKBdL8oHvlpZsrziNeMkrDsb9OMMeHndpRB7PmjuN/TzA3h766zaKx7UNbbKie0jAboD80eEszJcjNiwi7QdEjyXXMLCCzfic1UcCvoUlr6rEmY8hQE3FExRJMqh8l8z7DOrneVsOr8USnZ0hNSt28NpN/HCi6QfzJLZddqgO+aGHaNV0I11LobGH1S4YHQeR5QV2CBsNjd8tUP4W/8S1uc8Dp5qlnB4fWyyfkNtBF8T rsa-key-20250909

  7. Note: The complete encoded key must consist of one single line without line breaks.

  8. Set the passphrase for the private key as requested.
  9. Copy the key to Airlock Gateway:
  10.  
    Terminal box
    % ssh-copy-id -i id_airlock root@myairlock.example.com

Establishing an SSH connection with the private key

 
Terminal box
% ssh -i id_airlock root@myairlock.example.com

Alternatively, you can use the SSH key agent with the ssh-agent program and the ssh-add command, as described in the OpenSSH documentation.