.. _SSH_key_management:

SSH key management
------------------

.. index:: keys;keys create
.. index:: keys;keys add
.. index:: keys;keys send

SSH authentication requires maintaining the system SSH keys.  This can be done as follows:

* **keys create** creates a local SSH keyset
* **keys add <host>** adds the remote host to the known hosts list allowing outgoing connections
* **keys send <user>@<host>** will send the public key from the local SSH keyset to the remote 
  server, thereby enabling remote SSH authentication.

For example, if you wish to perform a backup to a remote host, first create a local key if 
necessary with **keys create**.  Allow communication with the host using **keys add <host>**.
Send the key to the remote host with **keys send <user>@<host>**.

If you select ssh key-based authentication that was set up
without a password, you will be prompted to input the password
when adding a sftp backup host:

::

  platform@VOSS-UN-6:~$ backup add remote sftp://dan@182.59.31.201/sftp
  No password found. Do you want to use sshkeys? [y/N]: y




The certificates are independent of web servers/proxies.

For more details on SSH key-based authentication, refer to OpenSSH documentation.


.. |VOSS Automate| replace:: VOSS Automate
.. |Unified CM| replace:: Unified CM