Key-Based Authentication Requirements

There are a variety of differing key types supported by various SSH implementations. As the SSH Collection Module uses the OpenSSH distribution for the SSH client, the key type used must be understood by OpenSSH.

The requirement for keys provided as part of an SSH credential entry for the SSH Collection Module is that the private key must be in the ASCII PEM encoding, which is the default when generated using the SSH-keygen utility.

Certain key generators, will generate a binary-form key file. If such a key is desired to be used, it must first be converted to ASCII PEM format prior to use. Consult the documentation for the key generator software for details on key conversions. It is highly recommended that the conversion is performed on a copy of the key, and that the successful utilization of the key is validated prior to use as a credential entry for the SSH Collection Module.

Private keys generated by the PuTTY client popular on Windows platforms are not directly compatible with the OpenSSH client, although the OpenSSH server supports validation of PuTTY public keys. These keys will need to be converted to the OpenSSH format prior to use.