ssh: Difference between revisions
from HTYP, the free directory anyone can edit if they can prove to me that they're not a spambot
Created page with "{{seed}} ==Notes== To enable logging in from a specific remote client with no password (typically so scripts can connect with ssh or rsync): * Generate a public/private ke..." |
clarifications and a link |
||
| Line 5: | Line 5: | ||
* Copy the public key file (~/.ssh/id_rsa.pub) from the client to ~/.ssh/authorized_keys | * Copy the public key file (~/.ssh/id_rsa.pub) from the client to ~/.ssh/authorized_keys | ||
** If the latter file doesn't already exist, then it can just be a direct copy of id_rsa.pub. | ** If the latter file doesn't already exist, then it can just be a direct copy of id_rsa.pub. | ||
** If the latter file ''does'' already exist, then id_rsa.pub can | ** If the latter file ''does'' already exist, then id_rsa.pub can just be appended to authorized_keys. | ||
* It may be necessary to manually log on once to the client from the host (using the same usernames as above) in order to add the client to the host's known_hosts file; I'm not sure about this part. Need to test. | * It may be necessary to manually log on once to the client from the host (using the same usernames as above) in order to add the client to the host's known_hosts file; I'm not sure about this part. Need to test. | ||
* Manually log on from the client to the host to make sure that the host is added to the client's known_hosts file, otherwise the verification prompt may interrupt any processes trying to log on automatically. | * Manually log on from the client to the host to make sure that the host is added to the client's known_hosts file, otherwise the verification prompt may interrupt any processes trying to log on automatically. | ||
* If you disable logins now (e.g. via [[Webmin]]'s "No login allowed" option), you will still be able to log in from a client with an authorized key. | |||
Specific commands for doing this may be found [http://linuxproblem.org/art_9.html here]. | |||
Revision as of 14:16, 17 November 2013
<hide>
page status::seed
</hide>
|
This page is a seed article. You can help HTYP water it: make a request to expand a given page and/or donate to help give us more writing-hours!
|
Notes
To enable logging in from a specific remote client with no password (typically so scripts can connect with ssh or rsync):
- Generate a public/private key pair on the client using ssh-keygen
- Copy the public key file (~/.ssh/id_rsa.pub) from the client to ~/.ssh/authorized_keys
- If the latter file doesn't already exist, then it can just be a direct copy of id_rsa.pub.
- If the latter file does already exist, then id_rsa.pub can just be appended to authorized_keys.
- It may be necessary to manually log on once to the client from the host (using the same usernames as above) in order to add the client to the host's known_hosts file; I'm not sure about this part. Need to test.
- Manually log on from the client to the host to make sure that the host is added to the client's known_hosts file, otherwise the verification prompt may interrupt any processes trying to log on automatically.
- If you disable logins now (e.g. via Webmin's "No login allowed" option), you will still be able to log in from a client with an authorized key.
Specific commands for doing this may be found here.
