# Password Encryption and Public Key Authentication

In general, clear text passwords such as in a URL argument are stored internally in an encrypted form so that they are unreadable when the system configuration is displayed. In some cases, an entire command parameter may be encrypted when there is special sensitivity involved. Encrypted strings begin with a tilde (“\~”) character.

The system supports SSH public key authentication for all commands that use the SSH protocol, including the ssh command and any file transfer commands using the scp and sftp schemes. This eliminates the need to specify passwords inside a URL.

The [show ssh-client-keys](/island-router-cli-2.3.2/commands/show-ssh-client-keys.md) command can be used to obtain the user’s public key from the local system so that it can be added to the list of authorized keys on the remote system.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.islandrouter.com/island-router-cli-2.3.2/password-encryption-and-public-key-authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.