For Unix key authentication, the service supports private RSA and DSA keys generated with any version of OpenSSH that supports SSH protocol version 2 (SSH2). The private key must be PEM-encoded and must not be encrypted with a passphrase, meaning that the passphrase is empty.
1. Login to any system with a supported version of OpenSSH.
2. Enter the following key generation command and then press Enter.
$ ssh-keygen –t type
Where type is either rsa or dsa, depending on the key pair type you want to generate.
3. Press Enter when prompted for the file in which to save the private key. The private portion of the key pair is saved at either $HOME/.ssh/id_rsa or $HOME/.ssh/id_dsa. The public key will be stored in the same directory with ".pub" appended to the file name.
4. Press Enter when prompted for a passphrase to keep the passphrase empty. The service does not currently support private keys encrypted with passphrases.
5. Press Enter to confirm the empty passphrase.
Two key files are created in the (hidden) directory ".ssh":
Private key (id_rsa or id_dsa). The private key will be supplied in a Unix authentication record.
Public key (id_rsa.pub or id_dsa.pub). The public key will be distributed to all target hosts to be scanned.