Sophos Firewall: How to set up public key authentication for admin


  • This article describes the steps to configure public key authentication for admin account.

Generate an RSA key pair

  • Download and install both PuTTY and PuTTYGen from
  • Open PuTTYGen and select SSH-2 RSA (or RSA in newer version of PuTTYGen) and click Generate.

  • Save the public and private key

  • Note: PuTTYGen will generate a warning if your keylife isn’t protected by a password. Password protected is recommended as an additional security meansure, but not required for SSH to work.
  • If you’d like to set a password, enter it in the Key Passphrase and repeat it in the Confirm Passphrase fields prior to clicking Save private key.

Add the public key to Sophos Firewall

  • Copy the public key from PuTTYGen or from it’s saved location and go to Administrator -> Device Access. Add this public key under Public Key Authentication section.

Add the private key to PuTTY and authenticate to Sophos Firewall

  • Start PuTTY and go to Connection -> SSH -> Auth.
  • Click Browse to select the .ppk keyfile generated earlier.

  • Navigate to Session and enter the Sophos Firewall’s IP address or hostname.
  • Make sure Connection type is set to SSH and click Open to connect to Sophos Firewall.


  • Enter the name admin to authenticate to Sophos firewall.

Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.