🟢 PRTG SSH Key Authentication – Full Secure Configuration Guide

Using SSH Key authentication in PRTG significantly increases security compared to password-based login. In this tutorial, you will learn how to generate SSH keys, configure pfSense and Ubuntu/Proxmox, and properly assign the private key inside PRTG for SSH sensor authentication.

This step-by-step guide ensures your SSH monitoring works correctly and securely.

🔐 Why Use SSH Key for PRTG?

Using an SSH Key instead of passwords provides:

• ✅ Stronger authentication security

• ✅ No plaintext password exposure

• ✅ Protection against brute-force attacks

• ✅ More stable SSH sensor operation

PRTG requires the private key in OpenSSH format, so proper conversion is mandatory.

🛠 Step 1: Install PuTTYgen

Download and install PuTTYgen on your Windows machine.

PuTTYgen is used to generate both:

• Private SSH Key

• Public SSH Key

It also allows exporting the private key in OpenSSH format (required by PRTG).

🔑 Step 2: Generate SSH Private and Public Keys

Open PuTTYgen and generate a new key pair.

✔ Save the Public Key

After generation:

• Copy and save the public key

• This key will be assigned to pfSense or Ubuntu

✔ Convert Private Key to OpenSSH Format

PRTG only accepts OpenSSH private keys.

Inside PuTTYgen:

• Export the private key in OpenSSH format

• Save the file

• Open the file and copy the entire private key content

You will later paste this into PRTG.

🖥 Step 3: Assign the Public Key to the Target Device

You must assign the public SSH key to the device that PRTG will monitor.

🔹 1. Configure SSH Key on pfSense

✔ Assign Public Key

Copy the public key and paste it into:

Paste the public key into the authorized keys section.

✔ Enable SSH on pfSense

Go to:

Enable SSH service.

⚠ Important Notes for pfSense

• You must log in using root user (even though root user is not visible in pfSense GUI)

• Root login bypasses the default pfSense CLI interface

• pfSense does NOT support memory monitoring via SSH

🔹 2. Configure SSH Key on Ubuntu / Proxmox VM

If monitoring Ubuntu or Proxmox, follow these exact steps.

🔹 Step 1: Create a User (If Not Already Created)

🔹 Step 2: Create the .ssh Directory

🔹 Step 3: Assign the Public Key

Open the authorized_keys file:

Paste the ENTIRE public key into one line
(for example, starting with ssh-rsa or ssh-ed25519)

🔹 Step 4: Set Permissions (EXTREMELY IMPORTANT)

Incorrect permissions will cause SSH Key authentication to fail.

🔹 Step 5: Check SSH Configuration

Open SSH config file:

Press Ctrl + W to search and make sure the following settings exist (or are uncommented):

Optional – recommended for PRTG:

Restart SSH service:

🔐 Step 4: Assign the Private SSH Key in PRTG

Now go to PRTG:

• Add SSH credential

• Paste the entire OpenSSH private key content

• Save settings

Make sure:

• For pfSense → use root as username

• For Ubuntu/Proxmox → use the user you created (e.g., prtg)

Once configured correctly, your SSH sensor should authenticate successfully.

🚀 Final Verification

If authentication fails:

• Check key format (must be OpenSSH)

• Verify file permissions on authorized_keys

• Confirm SSH service is running

• Make sure the correct username is used in PRTG

When properly configured, SSH Key authentication provides a secure and stable monitoring method for PRTG SSH sensors.

🎯 Conclusion

Configuring SSH Key authentication in PRTG enhances security and eliminates password dependency. Whether monitoring pfSense, Ubuntu, or Proxmox, following correct key generation, permission settings, and SSH configuration ensures reliable sensor performance.

By implementing SSH Key-based authentication, you build a stronger and more professional monitoring infrastructure.