SSH Public key based authentication

Here is a mini Howto about configuring your SSH service to work with Public Keys Based Authentication.
So, you have a BSD Workstation and you want to connect via SSH to a BSD Server using Public Keys Based Authentication.
Step 1. Log in to your BSD Workstation to create your Private/Public Keys.
--------------------------------------------------------------------------
# ssh-keygen -t rsa
You will be prompted to enter the file in which to save the key (/home/user/.ssh/id_rsa). Then you will be prompted to enter a passphrase. You can also choose not to add a passphrase, in which case you press enter.
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
Step 2. Copy your public key (id_rsa.pub) to your BSD Server using scp
----------------------------------------------------------------------
# scp /home/user/.ssh/id_rsa.pub user@server:~/.ssh/authorized_keys2
(user@server is a placeholder for your login name and the hostname of your BSD Server.)
If you need to connect to your server from multiple BSD workstations, you must generate Private/Public Keys on each workstation, then append the content of the id_rsa.pub file from every workstation to the authorized_keys2 file on your server.
Tips
------
a) Change the passphrase on your workstation:
# ssh-keygen -p
b) Manage your passphrase with ssh-agent, so that you do not have to type the passphrase at every SSH authentication.
On your workstation type:
# ssh-agent $BASH
# ssh-add
Then type your passphrase. From now on, you will not be prompted to enter a password.
c) List keys
# ssh-add -l
d) Delete a key
# ssh-add -d key
(-D to delete all keys)
Notes
-------
Your sshd config file should contain:
RSAAuthentication yes
PubkeyAuthentication yes
For this to work properly, the permissions on authorized_keys2 should be 600.
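
Added example (not part of the original howto): scp in Step 2 overwrites authorized_keys2, so with several workstations each key has to be appended instead. The script below, meant to run on the server once id_rsa.pub has been copied there, appends a key only if it is missing and sets the 600 permission from the note above. install_pubkey and the sample key are made up for the example, and mode 700 on the .ssh directory is an assumption based on sshd's default StrictModes check.

```shell
#!/bin/sh
# Added example: append a public key to authorized_keys2 without
# overwriting keys already installed from other workstations.
# install_pubkey is a hypothetical helper name, not an OpenSSH tool.

# usage: install_pubkey <public-key-file> [ssh-dir]
install_pubkey() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    auth=$dir/authorized_keys2

    # Accept only a one-line public key, so a private key (multi-line,
    # with a "PRIVATE KEY" header) is never placed on the server.
    [ -f "$pub" ] || { echo "no such file: $pub" >&2; return 1; }
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub looks like a private key" >&2
        return 1
    fi
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected one key line" >&2; return 1; }

    # With StrictModes, sshd rejects key files or directories that
    # other users can write to: 700 on the directory, 600 on the file.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Compare on "type base64" only; the trailing comment may differ.
    key=$(awk 'NF >= 2 { print $1, $2 }' "$pub")
    [ -n "$key" ] || { echo "malformed key line" >&2; return 1; }
    if grep -qF -- "$key" "$auth"; then
        echo "key already present in $auth"
        return 0
    fi
    awk 'NF' "$pub" >> "$auth"   # append with a newline, never overwrite
    echo "key appended to $auth"
}

# Constructed demo in a scratch directory (the key below is not real).
demo_dir=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaCONSTRUCTED1 user@ws1' > "$demo_dir/ws1.pub"
install_pubkey "$demo_dir/ws1.pub" "$demo_dir/.ssh"
install_pubkey "$demo_dir/ws1.pub" "$demo_dir/.ssh"   # second run adds nothing
rm -rf "$demo_dir"
```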