Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - LanGuard Section
  3. Articles

Creating Linux Certificate Authentication

Overview

This article guides you on how to create a Linux Certificate Authentication for GFI LanGuard.

Process

  1. On the Linux machine, run the command: ssh-keygen t rsa
  2. When prompted, enter the filename for the new key pair to be generated.
    Example: [Filename]
    • Two files are now generated: [Filename] and [Filename].pub
    • NOTE: When prompted for a passphrase, ensure that no passphrase is entered. It is important that this is left empty since GFI LanGuard does not support passphrase certificates.
  3. Add the content of [Filename].pub to the authorized_keys file located in the user's <home>/.ssh/ folder. If the file authorized_keys does not exist in the user's <home>/.ssh/ directory, create the file manually.
  4. Copy the file [Filename] to the GFI LanGuard machine. This is the file to be used with the GFI LanGuard SSH module. The [Filename] file is the private key and must be protected.
  5. For each Linux machine, you want GFI LanGuard to scan using Certificate Authentication by performing the following steps:
    1. Copy the file [Filename].pub to each Linux machine.
    2. Repeat step 3 above.

Resources

SSH/OpenSSH/Keys

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted

Comments