sshkey
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
sshkey [2007/01/30 14:23] – damir | sshkey [2011/04/05 16:05] – cangiani | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== | + | ====== |
- | You can connect to the servers using the SSH protocol | + | You can connect to the servers using the SSH protocol |
This behaviour can be used when you are using the Servers from the Epfl Network, but also when you connect to the server from outside the Epfl. | This behaviour can be used when you are using the Servers from the Epfl Network, but also when you connect to the server from outside the Epfl. | ||
+ | ===== Setup ===== | ||
- | ==== ssh without password from local workstation | + | ==== Generate the public/ |
- | * Login in your workstation and open a Terminal Windows | + | Note that this doc applies only to Unix (Mac/Linux). There are similar things on window but they might not work //exactly// as described here. |
- | * Execute this command | + | |
- | $ sshkeygen -t dsa | ||
- | |||
- | * When the system ask a name for the file **id_dsa** just press enter | ||
- | * Do the same for the **id_dsa.pub** file | ||
- | |||
- | * cd in your .ssh directory with | ||
- | |||
- | $ cd ~/.ssh | ||
+ | * Login in your workstation and open a Terminal Windows (if you are using the Graphical interface) | ||
* Execute this command | * Execute this command | ||
- | $ cat id_dsa.pub >> autorhized_keys | + | $ ssh-keygen |
- | + | ||
- | From now, every time you connet to a server, the server will recognize your workstation automatically (it read the ~/.ssh/ | + | |
- | + | ||
- | + | ||
- | ==== ssh without password from laptop or others workstations ==== | + | |
- | + | ||
- | === Apple Os X & Linux === | + | |
- | + | ||
- | * Open a terminal emulation window | + | |
- | * Execute the command | + | |
- | $ sshkeygen | + | |
* When the system ask a name for the file **id_dsa** just press enter | * When the system ask a name for the file **id_dsa** just press enter | ||
- | * Do the same for the **id_dsa.pub** file | ||
- | * cd in your .ssh directory with | ||
- | | + | |
- | * Execute this command | + | * Now you have to append the content of your public key file '' |
- | $ cat id_dsa.pub | + | $ cat ~/.ssh/id_dsa.pub |
- | * Open another window and from this connect | + | * In our cluster, all the machines have access |
- | * cd in .ssh directory with | + | |
- | $ cd ~/.ssh | + | $ cat ~/.ssh/id_dsa.pub >> ~/ |
- | * Execute | + | From now, every time you connet to a server, |
- | + | ||
- | $ cat >> autorhized_keys | + | |
- | * Now copy & paste with the mouse the key you have in the first window (something that start with sh-dss AAAAB3NzaC1k....) to the second window. | + | ==== Setup ssh-agent ==== |
- | * press the **Ctrl+d** key combination to close the **cat** command | + | |
- | * Try to connect to **lth.epfl.ch**, | + | |
+ | In fact, since your private key is encrypted, you need to type the password that can decrypt it each time you want to use it. Seems like we didn't gain anything till now. | ||
+ | Ssh-agent is a program that keeps in memory your decrypted private ssh key and serves it to ssh when it is needed. In this way you only have to type the decryption password only once. Keeping the decrypted key (or the password) in memory is considered safer than letting the key file un-encrypted. | ||
+ | Let's set it up. |
sshkey.txt · Last modified: 2022/08/05 13:20 by admin