Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
student:utilities:start:keypairs [2019/02/15 17:11] – created bernstdhstudent:utilities:start:keypairs [2024/02/13 10:00] (current) stewarmc
Line 1: Line 1:
- 
 ===== Using SSH with a Key-Pair ===== ===== Using SSH with a Key-Pair =====
  
-Secure shell (i.e., ''%%ssh%%'') normally prompts you for an ID and password when you login, however, it's possible to "sidestep" this process using a public/private key pair for authentication. This is particaulrly convenient when using some other protocol (e.g., SVN, Git) on top of SSH. To take advantage of this feature you must first create such a pait and then provide the server with your public key.+Secure shell (i.e., ''%%ssh%%'') normally prompts you for an ID and password when you login, however, it's possible to "sidestep" this process using a public/private key pair for authentication. This is particularly convenient when using some other protocol (e.g., SVN, Git) on top of SSH. To take advantage of this feature you must first create such a pair and then provide the server with your public key.
  
 === Checking for an Existing Key-Pair === === Checking for an Existing Key-Pair ===
Line 14: Line 13:
 === Creating a Key-Pair === === Creating a Key-Pair ===
  
-You can create a key-pair using the ''%%ssh-keygen%%'' utility from the command shell. (In versions of MS-Windows prior to 10 you should use the PuTTY Key Generator or the MSYS/MINGW shell, instead, both of which are available for free.)+You can create a key-pair using the ''%%ssh-keygen%%'' utility from the command shell. (In versions of MS-Windows prior to 10 you will need to use the PuTTY Key Generator or the MSYS/MINGW shell, both of which are available for free.)
  
 To do so, enter the command: To do so, enter the command:
Line 30: Line 29:
 === Copying your Public Key to a Linux Server === === Copying your Public Key to a Linux Server ===
  
-On Linux server's, a user's public keys are stored in the file ''%%~/.ssh/authorized_keys%%''. If you have ''%%ssh-copy-id%%'' on your operating system, you can use it to upload your public key to a Linux server and append it to this file. If not, you will need to upload the file manually (e.g., using SCP) and then append it tothis file as follows:+On Linux servers, a user's public keys are stored in the file ''%%~/.ssh/authorized_keys%%''. If you have ''%%ssh-copy-id%%'' on your computer, you can use it to upload your public key to a Linux server (e.g., ''%%stu.cs.jmu.edu%%'' and append it to this file. If not, you will need to upload the file manually (e.g., using SCP) and then append it to this file as follows:
  
 <code bash> <code bash>
 cat id_rsa.pub >> ~/.ssh/authorized_keys cat id_rsa.pub >> ~/.ssh/authorized_keys
 +</code>
 +
 +=== Logging-In using the Key-Pair ===
 +
 +At this point, you should be able to use SSH (either directly or indirectly) to login to the Linux server without providing an ID and/or password.
 +
 +=== SSH Config File Example ===
 +Below is an example ssh config file that on linux and mac would be located at ''%%~/.ssh/config%%''
 +<code>
 +Host *
 + ServerAliveInterval 30
 + ServerAliveCountMax 120
 + AddKeysToAgent yes # https://man.openbsd.org/ssh_config#AddKeysToAgent
 + IdentitiesOnly yes
 +Host stu
 + HostName stu.cs.jmu.edu
 + # next setting only necessary if you aren't using a default-named key like id_rsa or id_ed25519
 +        # IdentityFile ~/.ssh/fac.cs.jmu.edu
 + User stewarmc # if you specify a user, you don't have to put the user@ when connecting via ssh
 +Host aplaceicantreachdirectly
 +        HostName internalonly.cs.jmu.edu
 +        ProxyJump stu
 +        ## some ssh servers may be listenign on a non-standard port. (the standard is 22)
 +        # Port 23 # is typically for telnet, but people can do what they want with their servers 
 </code> </code>