How To Create an RSA Key with Secure CRT:
1. Launch the Secure CRT application. The application displays typically with the Connect dialog box open to the
Session List tab. If the connect dialog box isn't open, click on the connect button (3rd from the left)
2. Select the New button (3rd from left) to create a new session. The Session Preferences – new
dialog box displays.
3. In the Name field, enter name of the session you are creating.
4. In the Protocol field, select ssh
from the drop-down list. As soon as you do this, additional boxes will appear below that section.
5. In the Hostname or IP field, enter your domain name or the IP number for your domain. For example: yourdomain.com
6. Complete the rest of the fields on this screen with the appropriate information. The Port number
should be left at 22. Make sure to enter your domain user name in the Username field. Leave Cipher as 3DES and select RSA from the Authentication
field's drop-down list.
7. Select the Advanced button. The Advanced SSH Options dialog box displays. Make sure the "Use
Global" radio button is checked.
8. On the General tab, select the Create Identity File button from the Identity Filename section of the
dialog box. The SecureCRT – RSA Key Generation Wizard displays.
9. Click on the Next> button to proceed with the next step of the Wizard.
10. If you wish to use a passphrase as an added layer of security, enter the passphrase in the
Passphrase and Confirm Passphrase fields. Be sure to enter it into both fields in exactly the same way
. Don't forget to your passphrase handy. You will need it when establishing a connection to the server.
11. In the Comment
field, either accept the default value or enter a new one. The comment will be your way of knowing when the application is prompting you for your passphrase.
12. Click on the Next>
button to proceed to the next step. (Note: the <Back button can be used
throughout this wizard to move back to the previous step and make changes if necessary.)
13. You need to determine the length of your RSA key pair needs to be determined. It is
recommended that you choose a value between 1024 and 2048 bits. 2048 bits is the maximum and will
generate the most secure key, but it takes longer to generate a key of this size. 512 bits is the absolute
minimum and is not recommended. Once you have entered a number, select Next> to proceed.
14. As the instructions in the wizard indicate, you need to move your mouse around on the screen
for the application to generate the key. The application uses a complex set of formulas to create the key
out of a mathematical interpretation of your mouse's movements. When you have moved your mouse
around sufficiently, the screen automatically changes and the key pair is generated. This is shown in the
image below. You do not need to move your mouse around for this second part of the step.
15. When both progress bars are "full", the Next>
button becomes enabled. Select it to proceed.
16. Select the folder on your hard drive in which to store the key. You can accept the default,
which is usually the identity sub-folder of the SecureCRT folder, located wherever you installed the application originally.
17. To complete the wizard, select the Finish button. The
Advanced SSH Options dialog box reappears.
18. From there, select the OK button to close the dialog box. The
Session Preferences – new dialog box reappears.
19. Select OK
to apply the changes and end the procedure. Your newly created session will now appear at the bottom of the Session List.
At this point you cannot yet connect to the server using Secure CRT. First, you must place the RSA
key on the server using the SSH Manager in the Control Panel. This is explained in the next section
How To Place the RSA Key on the Server:
1. (If you left the SSH Manager open from earlier sections in this manual, you may skip this step.) From
the Control Panel, select the SSH icon. Once again, the SSH Manager displays
Place your key in the text box that is provided in the SSH Manager and submit it. (To do this, you
must open the key in another application, copy it, and then paste it into this text box.)
2. Launch any text-editor. On a Windows-based PC, Notepad will suffice. (This is available from the Start
menu, under Programs, then Accessories.)
3. From the Notepad File menu, select Open. The Open dialog box displays.
4. Find the key file by switching the Files of type field to All Files (*.*)
. Then, move through the directory structure to the location of your file, identity.pub. (The application stated where the file would
be stored in the previous procedure.) When you located the file, double-click on it to open it in Notepad.
(Note, the image below has been altered, so the key will not actually work.)
5. Once the key is displayed in Notepad, highlight the entire key with your mouse. From the Edit menu, select Copy
6. Switch back to the SSH Manager and paste the key into the text box. You can do this by placing the
cursor in the dialog box and either selecting Edit and then Paste from your browser's main menu or by using the key combination [Ctrl] + [V]
. (Note: the image below has been altered. It is not a real key.)
7. Select the Submit button. A new screen displays.
8. Enter the IP address for any computers from which you will be accessing the server. You can get this
information from your ISP (Internet Service Provider).
Or, if you are currently at the computer you will be regularly using, you can find the IP address by:
- Open a MS-DOS PROMPT (For windows user, start, run and ms-dos prompt)
- Type IPCONFIG and press ENTER
- Write the IP ADDRESS down.
- In line #1 of step 5 above enter the IP address using the first three sets of numbers, then * for the
last set of numbers. Example: If your IP address is 22.214.171.124 then you will enter 123.58.199.* in the box.
- If you have a dedicated IP address (usually a cable modem or DSL or something like that) then do not use the *.
- 9. After you have entered a number in at least one of the spaces provided, click on the Next
button. A new screen displays.
- 10. Make sure that the IP address listed is correct. Then select the
Submit button. A message appears indicating that you will be able to access the server, via your SSH software
(Secure CRT), from one of the addresses you listed within the next ten minutes.
- Once these steps have been performed, use the Secure CRT software as usual to establish a
connection to your site on the server. You will be prompted for your passphrase when the
connection is made. Once the connection is made, Secure CRT works similarly to other telnet utilities.