Computer Documentation Wiki

User Tools

Site Tools

Trace:
services:2fa:sshkeys

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
services:2fa:sshkeys [2021/03/22 09:46] – created deulservices:2fa:sshkeys [2021/03/22 14:37] (current) – [From Windows] deul
Line 4: Line 4:
   - To login between computers at the Observatory   - To login between computers at the Observatory
  
-Below we deal with these two cases.+Below we deal with these two cases. Please note that when you setup a private/public key pair, you need to be extremely carefull with the private key. It's name already indicates it is a **private** key. It is like a password, extremely important and you shield this file with your life! It is best if you add, during the creation of the key pair, a complex passphrase.
  
 =====Login from outside the Observatory===== =====Login from outside the Observatory=====
-Login from the internet+Login from the internet is usually done from your own personal computer. Of course that is a MacBook, but for all those 'other system' users we describe belog how to setup a private/public key pair to allow seemless logon to the Observatory computers.
 ====From Windows==== ====From Windows====
 +For Windows, you can use ''%%putty%%'', ''%%MobaXterm%%'' or ''%%Bitvise Tunnelier%%'' to open a terminal session to a Linux desktop or server computer. Below we describe the setup for each program separately:
 +  * [[:services:2fa:ssh:putty|Setup Putty]]
 +  * [[:services:2fa:ssh:winscp|Setup WinSCP]]
 +  * [[:services:2fa:ssh:tunnelier|Setup Bitvise Tunnelier]]
 +
 ====From MacOS==== ====From MacOS====
 +  * [[:services:2fa:ssh:macos|Setup key based login from MacOS]]
 ====From Linux==== ====From Linux====
 +  * [[:services:2fa:ssh:linux|Setup Linux]]
 +
 +
 +=====Ssh key based login between computers at the Observatory=====
 +To setup an ssh key pair to allow you to login password/2fa less between Observatory computers tthat all share the ''%%/home%%'' directory structure, you can simply create a keypair in your ''%%.ssh%%'' directory:
 +  $ ssh-keygen -t ecdsa
 +  Generating public/private ecdsa key pair.
 +  Enter file in which to save the key (/home/testuser1/.ssh/id_ecdsa):
 +  Enter passphrase (empty for no passphrase):
 +  Enter same passphrase again:
 +  Your identification has been saved in /home/testuser1/.ssh/id_ecdsa
 +  Your public key has been saved in /home/testuser1/.ssh/id_ecdsa.pub
 +  The key fingerprint is:
 +  SHA256:xb4Rs37UbXt3Wn5cHkdKWy2ZDBbor9F83IYNLhjsfIU testuser1@<machine>.strw.leidenuniv.nl
 +  The key's randomart image is:
 +  +---[ECDSA 256]---+
 +  |           ...   |
 +  |         .. o    |
 +  |         o=. + o.|
 +  |         o++E.O.+|
 +  |        So+*.=.@o|
 +  |         .=+* BoB|
 +  |          o+.o =O|
 +  |          ..   +B|
 +  |              . o|
 +  +----[SHA256]-----+
 +
 +and then add the public key to your ''%%authorized_keys%%'' file:
 +   cat ~/.ssh/id_ecdsa.pub >> ~/.ssh/authorized_keys
  
-=====Login between computers at the Observatory=====+From this point on login into Observatory Lunix computers from Observatory Linux computers is easy.
services/2fa/sshkeys.1616406408.txt.gz · Last modified: by deul

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki