Public Key Authentication process

Last Updated: Nov 21, 2024
  • The Branch Gateway also supports SSH Public Key Authentication, which lets a user log in with a public/private key pair that offers more cryptographic strength than a password. The public key is downloaded and associated with a Branch Gateway user account. The private key, also called the identity, is used to authenticate access to that Branch Gateway user account. With this method it is therefore very important to protect the private key with an embedded password and/or by limiting access to approved users only.

  • With Public Key Authentication on the Branch Gateway, remember that key pairs are associated with Branch Gateway local users, either those created by default (for example, root) or those created with the username command. Do not confuse these with the user names on the client system (for example, Linux or Windows) where the keys were created or where the SSH client resides.

  • The Branch Gateway supports public key files (that is, authorized_keys files) in the OpenSSH format. This key format has the fields in the table below, delimited by whitespace. All SSH authorized_keys options used for advanced features (for example, setting an environment variable, executing a command, and more) are ignored.

| Key Field | Description | Examples |
|---|---|---|
| # | Any line starting with the “#” character is a comment that is ignored. | # BGW1 root authorized_key file |
| Key Type | A known string describing the type of key. | ssh-rsa, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521 |
| Key Text String | The public key in BASE64 format. | AAAAE2VjZHNh …. AzRQM= |
| Key Comments | User defined comments about the key. | BGW1-root-key |

Example

# BGW1 root authorized_key file

ecdsa-sha2-nistp256 AAAAE2VjZHNh …. AzRQM= BGW1-root-key

  • The file system space reserved for all the public keys is limited to 128KB. This prevents any possible conflict with other Branch Gateway features sharing this space such as announcements.
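
A pre-upload check for an authorized_keys file against the constraints described above, as an added example that is not Avaya code. It assumes the standard OpenSSH public key blob framing (a big-endian uint32 length followed by the key type name); the function names and sample lines are hypothetical and constructed for illustration.

```python
import base64
import struct

# Key types the page lists for the Key Type field.
SUPPORTED_TYPES = ("ssh-rsa", "ecdsa-sha2-nistp256",
                   "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521")
MAX_BYTES = 128 * 1024  # space reserved for all public keys, per the page

def blob_key_type(b64):
    """Return the type name stored at the start of an OpenSSH key blob."""
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("blob too short")
    (n,) = struct.unpack(">I", blob[:4])  # uint32 length, big-endian
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad length prefix")
    return blob[4:4 + n].decode("ascii")

def check_authorized_keys(text):
    """Return (line_number, message) findings; an empty list means clean."""
    findings = []
    if len(text.encode("utf-8")) > MAX_BYTES:
        findings.append((0, "file is larger than 128KB"))
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue  # blank line or comment
        if fields[0] not in SUPPORTED_TYPES:
            opts = any(f in SUPPORTED_TYPES for f in fields[1:])
            findings.append((no, "leading options field (ignored by the gateway)"
                             if opts else "unsupported key type"))
            continue
        try:
            embedded = blob_key_type(fields[1]) if len(fields) > 1 else None
        except ValueError:  # bad base64, bad length, or non-ASCII type name
            embedded = None
        if embedded != fields[0]:
            findings.append((no, "key text missing, malformed, or of another type"))
    return findings

def sample_line(key_type, comment="BGW1-root-key"):
    """Constructed test line: valid framing, dummy key material (not a real key)."""
    blob = struct.pack(">I", len(key_type)) + key_type.encode() + b"\x00" * 32
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"

if __name__ == "__main__":
    good = sample_line("ecdsa-sha2-nistp256")
    demo = "\n".join(["# BGW1 root authorized_key file", good,
                      'command="/bin/true" ' + good, "ssh-dss AAAA old-key"])
    for finding in check_authorized_keys(demo):
        print(finding)
```

The options finding matters when a key line was copied from a host that relied on an option to restrict the key: because the gateway ignores options, that restriction does not carry over.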