This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
services:2fa:ssh:linux [2021/03/22 11:18] – created deul | services:2fa:ssh:linux [2021/07/08 09:21] (current) – deul | ||
---|---|---|---|
Line 25: | Line 25: | ||
+----[SHA256]-----+ | +----[SHA256]-----+ | ||
- | For both question | + | For both questions |
$ ls -ltr id_ecdsa* | $ ls -ltr id_ecdsa* | ||
Line 31: | Line 31: | ||
-rw-r--r-- 1 testuser1 users 195 Mar 22 12:13 id_ecdsa.pub | -rw-r--r-- 1 testuser1 users 195 Mar 22 12:13 id_ecdsa.pub | ||
- | The file id_rsa.pub must be transferred to the remote host. For this we can use ssh-copy-id: | + | The file id_ecdsa.pub must be transferred to the remote host. For this we can use ssh-copy-id: |
- | $ ssh-copy-id -i ~/.ssh/id_edcsa.pub username@remote-host | + | $ ssh-copy-id -i ~/.ssh/id_ecdsa.pub username@remote-host |
This may produce the following message: | This may produce the following message: | ||
- | / | + | / |
The authenticity of host ' | The authenticity of host ' | ||
ECDSA key fingerprint is SHA256: | ECDSA key fingerprint is SHA256: | ||
Line 47: | Line 47: | ||
/ | / | ||
username@remote-host' | username@remote-host' | ||
+ | One-time password (OATH) for `username`: | ||
- | Type your password to actually start the file copy. | + | Type your password |
Number of key(s) added: 1 | Number of key(s) added: 1 | ||
Line 54: | Line 55: | ||
Now try logging into the machine, with: " | Now try logging into the machine, with: " | ||
and check to make sure that only the key(s) you wanted were added. | and check to make sure that only the key(s) you wanted were added. | ||
+ | |||
+ | |||
+ | The passwordless ssh login is now in place. | ||
+ | =====Alternative public key copy===== | ||
+ | |||
+ | It may be that ssh-copy-id is not available with your version of OpenSSH. In that case you need to copy the information yourself. This can be done following the below procedure. | ||
+ | |||
+ | It is possible to copy the public key directly to the remote host. The command below pipes the content of the public key through the ssh login to the remote host. On the remote host we first create the .ssh directory (if not there) and then append the public key content to the authorized_keys file, all in one command: | ||
+ | |||
+ | cat ~/ | ||
+ | |||
+ | where username@remote-host can also me replaced by the logical name you have defined while configuring the ssh. | ||
+ | |||
+ | After successful execution of above command you can login to remote-host without specifying a password. |