User Tools

Site Tools


ssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
ssh [2017/05/19 20:38]
deul [SSH keys]
ssh [2019/05/06 09:16] (current)
jansen remove references to authorized_keys2, add section for local use with shared home directory
Line 22: Line 22:
 --------- ---------
  
-====== SSH shell access ​======+====== SSH tunnels ​====== 
 +For the Mac and Linux commandline ssh client, setting up a tunnel is usually a matter of using the option \\ 
 +''​%%-L local_port:​remote_machine:​remote_port%%'',​ e.g. ''​%%-L 3389:​windows machine:​3389%%''​ \\ 
 +for forwarding a Windows remote desktop. More detail can be found in the [[vnc|vnc ssh tuning pages]]. 
 + 
 +See [[linux:​putty]] for instructions about setting up a tunnel with ''​%%putty%%''​ (Windows, linux ssh client). 
 +====== SSH client software ====== 
 +Linux and macOS come with a commandline client for ssh. 
 +For Windows, the recommended client is [[linux:​putty]] 
 ====== SSH keys ====== ====== SSH keys ======
 ====Create a key pair==== ====Create a key pair====
Line 46: Line 55:
  
 The file identity.pub contains your public key, which can be added to other system'​s authorized keys files. The file identity.pub contains your public key, which can be added to other system'​s authorized keys files.
 +
 +====Simplified version in case of a shared home disk====
 +This is how you authorize the key for use within a local network with shared home disk. See below for the general case of accessing a remote system.
 +
 +Simply add the public part of the key to your .ssh/​authorized_keys file, and make sure that that file is not accessible for others:
 +  cat ~/​.ssh/​id_dsa.pub >> ~/​.ssh/​authorized_keys
 +  chmod 600 ~/​.ssh/​authorized_keys
 +
  
 ====Copy public key to server==== ====Copy public key to server====
Line 57: Line 74:
   id_dsa.pub ​   100% |*****************************************************| ​  ​526 ​      00:00   id_dsa.pub ​   100% |*****************************************************| ​  ​526 ​      00:00
  
 +This will place your keys in your home directory on the remote server. After that we will login on the remote server using ssh the conventional way... with a password.
  
-====== SFTP and SCP file access ====== +When you are logged in you should create a .ssh directory, ​and inside the .ssh/ directory create an authorized_keys ​file and add the keys to the file. Make sure the files are not readable for other users/​groups. chmod 600 authorized_keys does the trick. 
-====== SSH tunnels ====== + 
-For the Mac and Linux commandline ​ssh client, setting up a tunnel is usually a matter of using the option \\ +Placing ​the key works as follows: 
-''​%%-L local_port:​remote_machine:​remote_port%%'',​ e.g''​%%-L 3389:​windows machine:​3389%%''​ \\ + 
-for forwarding a Windows remote desktopMore detail ​can be found in the [[vnc|vnc ssh tuning pages]].+  $ cd .ssh 
 +  $ touch authorized_keys 
 +  $ chmod 600 authorized_keys 
 +  $ cat ../id_dsa.pub >> authorized_keys 
 +  $ rm ../​id_dsa.pub 
 + 
 +From now on you can login from client yyyy to server zzzz without having to specify a password.
  
-See [[linux:​putty]] for instructions about setting up a tunnel with ''​%%putty%%''​ (Windows, linux ssh client). 
-====== SSH client software ====== 
-Linux and macOS come with a commandline client for ssh. 
-For Windows, the recommended client is [[linux:​putty]] 
ssh.1495226285.txt.gz · Last modified: 2017/05/19 20:38 by deul