16.3.1. Generating Keys

The Key Generation Wizard is accessible within the program from the Tools menu. The wizard prompts you for the key-generation algorithm (RSA or DSA), the number of bits in the key, the key comment and passphrase, and the name of the key. After generation, the key is stored in the Windows registry and is accessible from the Properties window under User Keys. Incidentally, the Windows registry key is:

HKEY_CURRENT_USER\Software\Data Fellows\F-Secure SSH 2.0

16.3.3. Installing Public Keys

For SSH-2 public keys only, F-Secure SSH Client includes the Key Registration Wizard, which automatically uploads and installs your public key on an SSH-2 server machine where your remote account resides. What a great feature! Of course the operation is secure: it connects to your remote account by SSH-2 using password authentication.

SSH-1 public keys must be installed manually on the server. Connect the remote host using password authentication, and then open the Properties window and select User Keys. From here you have two choices:

• Export your public key to a file, using the "Export..." button, then transfer the file to the remote server machine, and copy its contents into your authorized_keys file.

• Copy your public key to the Windows clipboard, using the Copy To Clipboard button, and then paste it into your remote authorized_keys file.

16.3.4. Using Keys

Unlike most Unix SSH products, F-Secure SSH Client doesn't let you specify which key to use for a session. Instead, it tries each key in turn. When one matches a public key on the server, you are prompted for your passphrase. To reject F-Secure's choice of key and use a different one, press the Escape key or click Cancel, and the next key is selected and tried. If all keys fail, the program falls back to password authentication.