Jump to content

SSH-Keys: Difference between revisions

SSH-Keys (view source)

Revision as of 12:21, 19 May 2011

307 bytes added ,  19 May 2011
Update to include ssh-copy-id and changing ssh passphrases.
(Update to include ssh-copy-id and changing ssh passphrases.)
Line 1: Line 1:
To use this you will need to have ssh on your current machine. SSH-Keys are used to allow passwordless access to a machine. It uses an unique host key to identify who you are.
SSH-Keys are used to allow passwordless access to a machine. It uses an unique host key to identify who you are.
 
To use this you will need to have ssh on your current machine.  


==Linux SSH-Keys==
==Linux SSH-Keys==
 
===Creating the Key===
First of all, you will need to create your secret key which will remain on the machine you are ssh'ing from. This is done by typing:
First of all, you will need to create your secret key which will remain on the machine you are ssh'ing from. This is done by typing:
  ssh-keygen -t dsa
  ssh-keygen -t dsa
Line 9: Line 11:
You will then be asked for a passphrase. A passphrase will help to stop people who get access to your console getting access to different accounts. Its basically to help make it more secure. Once you have entered your passphase , you will be asked to re-type your passphrase. You can just just press enter if you don't want to use a passphrase.
You will then be asked for a passphrase. A passphrase will help to stop people who get access to your console getting access to different accounts. Its basically to help make it more secure. Once you have entered your passphase , you will be asked to re-type your passphrase. You can just just press enter if you don't want to use a passphrase.


You will then need to copy your public key (~/.ssh/id_dsa.pub) to the server you wish to ssh to. This is done by:
===Copying the Key to Redbrick===
  scp ~/.ssh/id_dsa.pub username@login.redbrick.dcu.ie:.ssh/
Now you will then need to copy your public key (~/.ssh/id_dsa.pub) to the server you wish to ssh to. Redbrick's machines have a common home directory so you only need to transfer your ssh-key once.
 
Two options for transferring your key are outlined bellow;
 
====Option 1====
  ssh-copy-id -i ~/.ssh/id_dsa.pub username@login.redbrick.dcu.ie
 
This will append your key to your authorized_keys file on redbrick.


====Option 2====


All of RedBrick's machines have shared home directories for users so once you set up ssh-keys for one, you've done it for all of them.
scp ~/.ssh/id_dsa.pub username@login.redbrick.dcu.ie:.ssh/


This will put the file in the ~/.ssh folder of your account on the machine you want to ssh to.
This will put the file in the ~/.ssh folder of your account on the machine you want to ssh to.
Line 23: Line 33:
  cat id_dsa.pub >> authorized_keys
  cat id_dsa.pub >> authorized_keys


Once all that is done, then all that remains to do is to remove the id_dsa.pub on the machine you wish to ssh to rm ~/.ssh/id_dsa.pub. Note that this will only work when ssh'ing from the machine you set up the keys on to the machine you sent your public key to. The next time you log in you will be asked for your passphrase or logged straight on if you did not choose to have a passphrase.
Once all that is done, then all that remains to do is to remove the id_dsa.pub on the machine you wish to ssh to rm ~/.ssh/id_dsa.pub.
If you have any problems at any stage, helpdesk will be more than happy in helping you out. Have fun :-)
 
===Changing your Passphrase===
From time to time you may wish to change the passprhase on your ssh-key. To do this run the following command
ssh-keygen -f ~/.ssh/id_dsa -p
It will prompt you for your current passphrase. Once you have typed your current passphrase it will ask you for a new passphrase. You will then be asked to re-enter it to validate it.
 
The next time you connect to redbrick it should use this new passphrase.


==Windows SSH-Keys with Putty==
==Windows SSH-Keys with Putty==
Retrieved from "https://wiki.redbrick.dcu.ie/Special:MobileDiff/9989"