In order to set up the Public Key Login with ConfD, both the client and the server machines need to be configured.
As stated in the "Setting Up Public Key Login" section, you will first need to generate a private/public key pair on the client machine. There is a screen shot illustrating how to generate the key pair for an example user called bob on your client machine. The key pair typically goes to ~/.ssh on a Linux system.
After that, you will need to copy the contents of id_rsa.pub that was generated above to a file called authorized_keys under the
<ssh_keydir> directory for the user that you are trying to login to on the ConfD server which is part of the aaa information as configured through ConfD. If you work with the intro examples of ConfD, you can see that
<ssh_keydir> is configured as /var/confd/homes/admin/.ssh for the admin user.
Let's pick a concrete example such as intro/1-2-3. After you have modified the confd.conf settings to set
<sshPubKeyAuthentication> to local and copied id_rsa.pub created from your client machine to /var/confd/homes/admin/.ssh/authorized_keys, you should now be able to start the ConfD daemon and connect through NETCONF's ssh connection to the admin account using the public key mechanism.
It is important to note that the NETCONF ssh port is configured as 2022 in the intro/1-2-3 example.