Creating a Public/Private Key Pair

To create an SSH public/private key pair, perform the following steps:

Issue the ssh-keygen command in the standard command shell (not the SRC CLI) on the computer where the client application runs. By providing the appropriate arguments, you encode the public key with either RSA (supported by SSH versions 1 and 2) or the Digital Signature Algorithm (DSA, supported by SSH version 2). For more information, see the manual page for the ssh-keygen command. The SRC software uses SSH version 2 by default, but also supports version 1.% ssh-keygen options
Associate the public keys with the login account by including the ssh-authorized-keys statement at the [edit system login user user-name authentication] hierarchy level. The SRC software copies the public keys onto the C-series Controller: [edit system login user user-name authentication] user@host# set ssh-authorized-keys [ssh-authorized-keys...]
The ssh-keygen command by default stores each public key in a file in the ssh subdirectory of the user home directory; the filename depends on the encoding (DSA or RSA) and SSH version. For more information about configuring SSH authentication, see SRC-PE Getting Started Guide.
(Optional) Commit the configuration. Alternatively, you can wait until you have added the statements that satisfy all prerequisites (see NETCONF Service over SSH Is Enabled).[edit system login user user-name authentication] user@host# commit
Repeat Steps 2 and 3 on each C-series Controller where the client application establishes NETCONF sessions.