SSH with passphrase: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
The following recipe works on both Mac OSX and Linux. | The following recipe works on both Mac OSX and Linux. | ||
Suppose you want to connect to <code> | Suppose you want to connect to <code>gemini.science.uu.nl</code> from another computer ''A'', where you are logged in as user ''a''. | ||
First log in on computer ''A'' as user ''a'' and generate a pair of authentication keys (substitute the correct username and machinename for ''a'' and ''A''); open Terminal: | First log in on computer ''A'' as user ''a'' and generate a pair of authentication keys (substitute the correct username and machinename for ''a'' and ''A''); open Terminal: | ||
| Line 16: | Line 16: | ||
95:9f:a5:6a:d0:2d:82:68:6f:9c:c5:38:20:e4:e5:7c a@A.phys.uu.nl | 95:9f:a5:6a:d0:2d:82:68:6f:9c:c5:38:20:e4:e5:7c a@A.phys.uu.nl | ||
Now use <code>ssh</code> to create a directory <code>~/.ssh</code> on | Now use <code>ssh</code> to create a directory <code>~/.ssh</code> on gemini.science.uu.nl using your own solisid and password (the directory may already exist) | ||
A:~ a$ ssh yoursolisid@ | A:~ a$ ssh yoursolisid@gemini.science.uu.nl mkdir –p .ssh | ||
yoursolisid@ | yoursolisid@gemini.science.uu.nl's password: | ||
Finally append ''a''’s new public key to <code>yoursolisid@ | Finally append ''a''’s new public key to <code>yoursolisid@gemini.science.uu.nl:.ssh/authorized_keys2</code> | ||
and enter password for yoursolisid@ | and enter password for yoursolisid@gemini.science.uu.nl (''not'' the passphrase) | ||
A:~ a$ cat .ssh/id_rsa.pub | ssh yoursolisid@ | A:~ a$ cat .ssh/id_rsa.pub | ssh yoursolisid@gemini.science.uu.nl 'cat >> .ssh/authorized_keys2' | ||
yoursolisid@ | yoursolisid@gemini.science.uu.nl's password: | ||
{{float|[[Image:SSH-with-passphrase.png|link=]]|width=300|float=right|tooltip=Mac OSX only}} | {{float|[[Image:SSH-with-passphrase.png|link=]]|width=300|float=right|tooltip=Mac OSX only}} | ||
From now on you can log into | From now on you can log into gemini.science.uu.nl from ''A'' with passphrase (image on right for Mac OSX only). | ||
A:~ A$ ssh yoursolisid@ | A:~ A$ ssh yoursolisid@gemini.science.uu.nl | ||
Last login: Wed Sep 18 12:41:48 2013 from A.phys.uu.nl | Last login: Wed Sep 18 12:41:48 2013 from A.phys.uu.nl | ||
********************************************************************* | ********************************************************************* | ||
* Welcome to | * Welcome to gemini.science.uu.nl * | ||
* <..> * | |||
******************************************************************** | |||
-bash-3.2$ | -bash-3.2$ | ||
Revision as of 12:01, 3 October 2017
The following recipe works on both Mac OSX and Linux.
Suppose you want to connect to gemini.science.uu.nl from another computer A, where you are logged in as user a.
First log in on computer A as user a and generate a pair of authentication keys (substitute the correct username and machinename for a and A); open Terminal:
A:~ a$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/Users/a/.ssh/id_rsa): Created directory '/Users/a/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/a/.ssh/id_rsa. Your public key has been saved in /Users/a/.ssh/id_rsa.pub. The key fingerprint is: 95:9f:a5:6a:d0:2d:82:68:6f:9c:c5:38:20:e4:e5:7c a@A.phys.uu.nl
Now use ssh to create a directory ~/.ssh on gemini.science.uu.nl using your own solisid and password (the directory may already exist)
A:~ a$ ssh yoursolisid@gemini.science.uu.nl mkdir –p .ssh yoursolisid@gemini.science.uu.nl's password:
Finally append a’s new public key to yoursolisid@gemini.science.uu.nl:.ssh/authorized_keys2
and enter password for yoursolisid@gemini.science.uu.nl (not the passphrase)
A:~ a$ cat .ssh/id_rsa.pub | ssh yoursolisid@gemini.science.uu.nl 'cat >> .ssh/authorized_keys2' yoursolisid@gemini.science.uu.nl's password:
From now on you can log into gemini.science.uu.nl from A with passphrase (image on right for Mac OSX only).
A:~ A$ ssh yoursolisid@gemini.science.uu.nl Last login: Wed Sep 18 12:41:48 2013 from A.phys.uu.nl ********************************************************************* * Welcome to gemini.science.uu.nl * * <..> * ******************************************************************** -bash-3.2$
Change the permissions of .ssh to 700
-bash-3.2$ chmod 700 .ssh
Change the permissions of .ssh/authorized_keys2 to 600
-bash-3.2$ chmod 600 .ssh/authorized_keys2