With the implemenation of two-factor authentication on the ssh protocol at the Observatory, you need to setup two ssh keys to make life easy. These two key are:
Below we deal with these two cases. Please note that when you setup a private/public key pair, you need to be extremely carefull with the private key. It's name already indicates it is a private key. It is like a password, extremely important and you shield this file with your life! It is best if you add, during the creation of the key pair, a complex passphrase.
Login from the internet is usually done from your own personal computer. Of course that is a MacBook, but for all those 'other system' users we describe belog how to setup a private/public key pair to allow seemless logon to the Observatory computers.
For Windows, you can use
Bitvise Tunnelier to open a terminal session to a Linux desktop or server computer. Below we describe the setup for each program separately:
To setup an ssh key pair to allow you to login password/2fa less between Observatory computers tthat all share the
/home directory structure, you can simply create a keypair in your
$ ssh-keygen -t ecdsa Generating public/private ecdsa key pair. Enter file in which to save the key (/home/testuser1/.ssh/id_ecdsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/testuser1/.ssh/id_ecdsa Your public key has been saved in /home/testuser1/.ssh/id_ecdsa.pub The key fingerprint is: SHA256:xb4Rs37UbXt3Wn5cHkdKWy2ZDBbor9F83IYNLhjsfIU testuser1@<machine>.strw.leidenuniv.nl The key's randomart image is: +---[ECDSA 256]---+ | ... | | .. o | | o=. + o.| | o++E.O.+| | So+*.=.@o| | .=+* BoB| | o+.o =O| | .. +B| | . o| +----[SHA256]-----+
and then add the public key to your
cat ~/.ssh/id_ecdsa.pub >> ~/.ssh/authorized_keys
From this point on login into Observatory Lunix computers from Observatory Linux computers is easy.