Tue 13 January 2015
Access to servers within ARGOSS use SSH. blah blah
SSH as a rule is installed by the default installation, but if you havent already created a key set then this procedure needs to be carried out before you can acces any of the servers within the ARGOSS Unix network.
First create a key:
$ ssh-keygen -b 2048 -t rsa
Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX user@host If you leave the passphrase empty anybody that has your private key has access to any servers your key has been installed on! All users MUST use a passphrase to protect their key this is the most important part of ssh!!
you can define another filename for your keys this is handy if you have multiple accounts but within argoss this is generally not needed.
You have now created 2 keys a public key (id_rsa.pub) and your private key (id_rsa) both of these files are found within your home directory in the ssh sub directory (~/.ssh) The general idea is that the private key remains ONLY in one place and is guarded, your public key on the other hand needs to be placed on the servers that you need access to.
Never Share your private key
Send IT your public key:
Once you have created your key this needs to be distributed to the servers that you need access to. There are two things required and account on the server and your public keys placed on that server in the accounts .ssh/authorized_keys file.
Your public key will look something like this:
install@simon-test-vm:~/.ssh$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzaXbw8nO1X9uA8S0geCWkeCiTVJtY++R9SmPVUDGiklCk+6reJ1ryId8ERmTJkwGUD2+B+AZRo 6zLbRSgFc3D5VPDsm8DBkUpVeg/uCj0NCdPbUgy/1P+uLl8dPWMnsNKuuKHVYVCiVcwnZz9OSmvJpv1Vxfntdspr4F8cm35uwVmUrTK/TcW64v UsiDA4UbRdSKrOcTlvYt+MQifUU/XpYmCSkSHkvmaiKsz1d74iZk2/3839p3sygG64c7xb4MG8DXiNxXHLf9GRtDxuFjh3ZW8F75gyHB6takCP 3r2A3VWTRyWmu/nV/11bSdZ9kPBwM6/uMgDAEYBvHpR8L5Rw== install@simon-test-vm now send this to email@example.com with the details of the server and account you need to work with
Tips working with ssh
in ~/.ssh/config you can add the details of servers and this will act as a kind of alias file so :
Host leonardo Hostname leonardo.argoss.nl User mickey.mouse You can now issue $ssh leonardo
and the connection will be made to leonardo.argoss.nl with username mickey.mouse
If you have difference keys for servers you can apply this to this file also
Host leonardo Hostname leonardo.argoss.nl User mickey.mouse IdentityFile ~/.ssh/id_rsa_leonardo this way multiple keys can be used for access.