0Pricing
Cryptology Academy · Lesson

Public Key Authentication and Agent Forwarding

Understand authorized_keys, Ed25519 vs RSA keys, and the security implications of SSH agent forwarding.

authorized_keys File Format

SSH public key authentication relies on the authorized_keys file, typically located at ~/.ssh/authorized_keys on the server. Each line contains a public key in the format: algorithm base64-key comment. The server checks whether the client can prove possession of the matching private key by signing a challenge.

Generating SSH Keys with ssh-keygen

The ssh-keygen command creates key pairs for authentication. Running ssh-keygen -t ed25519 generates a modern Ed25519 key pair. You can specify a comment with -C for identification, such as your email. The tool saves the private key (id_ed25519) and public key (id_ed25519.pub) in ~/.ssh by default.

All lessons in this course

  1. SSH Handshake and Host Key Authentication
  2. Public Key Authentication and Agent Forwarding
  3. SSH Tunneling and Port Forwarding Techniques
  4. SSH Hardening and Audit Best Practices
← Back to Cryptology Academy