Changes between Version 43 and Version 44 of Documentation/bAccountManagement/DSSHConf
- Timestamp:
- May 16, 2017, 5:35:30 PM (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Documentation/bAccountManagement/DSSHConf
v43 v44 4 4 ORBIT access machines are configured to allow login only by public key authentication, which let users log into consoles without the need to use their user's passwords. This requires users to configure their SSH client to use their private key instead of password and to register their public key(s) with the ORBIT infrastructure. This page describes the procedure for generating the key pair and configuring client side for selected platforms. 5 5 6 === Generating SSH Keys === 6 7 7 [[CollapsibleStart(Linux)]] 8 Each distribution has their own location for the specific generation tools. The documentation for Ubuntu is located [https://help.ubuntu.com/community/SSH/OpenSSH/Keys here]. The generation process can be done with the ssh-keygen utility. 8 [[CollapsibleStart(Linux)]] 9 Each distribution has their own location for the specific generation tools. The documentation for Ubuntu is located 10 [https://help.ubuntu.com/community/SSH/OpenSSH/Keys here]. The generation process can be done with the ssh-keygen utility. 9 11 10 To create your public and private SSH keys on the command-line:12 To create your public and private SSH keys on the command-line: 11 13 {{{ 12 14 ssh-keygen -t rsa … … 20 22 }}} 21 23 22 This process will generate and store a private key and a public key file. The public key file will be named id_rsa.pub, and the private key will be stored in the file you specify when prompted. [#Upload Upload] your new public key to your orbit account.23 [[CollapsibleEnd]]24 This process will generate and store a private key and a public key file. The public key file will be named id_rsa.pub, and the private key will be stored in the file you specify when prompted. [#Upload Upload] your new public key to your orbit account. 25 [[CollapsibleEnd]] 24 26 25 [[CollapsibleStart(Windows)]] 27 [[CollapsibleStart(Windows)]] 28 [[CollapsibleStart(PuTTY)]] 26 29 27 ==== PuTTY ==== 28 In putty the key generation is handled by a separate program named puttygen.exe. If you've installed putty via the installer there may be an icon for it in the putty menu group, otherwise download it [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html here]. Generating a public/private key pair on your host by using PuTTYgen as illustrated in the following table (for more details on configuration please csee [http://www.chiark.greenend.org.uk/~sgtatham/putty/ putty documentation]): 30 In putty the key generation is handled by a separate program named puttygen.exe. If you've installed putty via the installer there may be an icon for it in the putty menu group, otherwise download it [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html here]. Generating a public/private key pair on your host by using PuTTYgen as illustrated in the following table (for more details on configuration please csee [http://www.chiark.greenend.org.uk/~sgtatham/putty/ putty documentation]): 29 31 30 || 1. || Start PuTTYgen; The running executable windows is shown on the left. || [[Image(PuTTYgen1.jpg, width=300)]] || 31 || 2. || Click the Generate button. You will be asked to move mouse to generate some randomness. After that the program will generate key and display the result.[[BR]] You can leave blank "Key passphrase" and "Confirm passphrase" to be able to authenticate without passphrase.[[BR]] Save public and private key (you can recover the public key from the private key with PuTTYgen by clicking the Load button). || [[Image(PuTTYgen2.jpg, width=300)]] || 32 || 3. || [#Upload Upload] your new public key to your orbit account. |||| 33 || 4. || To connect to remote host by using newly minted keys configure your session in PuTTY: '''Load''' the session profile, go to Connection > SSH > Auth window and select the newly created private key; click '''Save''' to update session profile and then proceed to connect. If you didn't specify the passphrase in step 2, you won't be prompted for the password. || [[Image(PuTTYgen5.jpg, width=300)]] || 32 || 1. || Start PuTTYgen; The running executable windows is shown on the left. || [[Image(PuTTYgen1.jpg, width=300)]] || 33 || 2. || Click the Generate button. You will be asked to move mouse to generate some randomness. After that the program will generate key and display the result.[[BR]] You can leave blank "Key passphrase" and "Confirm passphrase" to be able to authenticate without passphrase.[[BR]] Save public and private key (you can recover the public key from the private key with PuTTYgen by clicking the Load button). || [[Image(PuTTYgen2.jpg, width=300)]] || 34 || 3. || [#Upload Upload] your new public key to your orbit account. |||| 35 || 4. || To connect to remote host by using newly minted keys configure your session in PuTTY: '''Load''' the session profile, go to Connection > SSH > Auth window and select the newly created private key; click '''Save''' to update session profile and then proceed to connect. If you didn't specify the passphrase in step 2, you won't be prompted for the password. || [[Image(PuTTYgen5.jpg, width=300)]] || 36 [[CollapsibleEnd]] 34 37 38 ==== SSH Secure Shell ==== 35 39 36 ==== SSH Secure Shell ==== 40 || 1. || Start the ssh client || [[Image(SecSh1.jpg, width=300)]][[BR]] || 41 || 2. || From the menu choose Edit> Settings option and then Key || [[Image(SecSh2.jpg, width=300)]] || 42 || 3. || Click the Generate button, click Next, select RSA type of the key and click Next and wait until key is generated || [[Image(SecSh3.jpg,width=300)]] || 43 || 4. || Enter file name for private key and comment. Leave passphrase blank. Click Next, Next and then save public key into file by clicking Export button and then click Finish || [[Image(SecSh6.jpg, width=300)]] || 44 || 5. || [#Upload Upload] your new public key to your orbit account. |||| 45 || 6. || After you upload public key you can connect to host choosing Public Key option for Authentication Method. ||[[Image(SecSh8.jpg, width=300)]] || 37 46 38 || 1. || Start the ssh client || [[Image(SecSh1.jpg, width=300)]][[BR]] || 39 || 2. || From the menu choose Edit> Settings option and then Key || [[Image(SecSh2.jpg, width=300)]] || 40 || 3. || Click the Generate button, click Next, select RSA type of the key and click Next and wait until key is generated || [[Image(SecSh3.jpg,width=300)]] || 41 || 4. || Enter file name for private key and comment. Leave passphrase blank. Click Next, Next and then save public key into file by clicking Export button and then click Finish || [[Image(SecSh6.jpg, width=300)]] || 42 || 5. || [#Upload Upload] your new public key to your orbit account. |||| 43 || 6. || After you upload public key you can connect to host choosing Public Key option for Authentication Method. || [[Image(SecSh8.jpg, width=300)]] || 47 [[CollapsibleEnd]] 44 48 45 [[CollapsibleEnd]] 49 [[CollapsibleStart(Mac)]] 50 TODO 51 [[CollapsibleEnd]] 46 52 47 [[CollapsibleStart(Mac)]] 48 [[CollapsibleEnd]] 53 === Uploading the public key to ORBIT === #Upload 49 54 50 === Upload the public key to ORBIT === #Upload 55 To upload you public key to your orbit account visit [https://www.orbit-lab.org/loginService/ControlPanel]. Choose "Change My Profile" option which will bring up the form to upload your public key. Please be aware that IE browser is not supported for Control Panel operations (and key upload). Also, expect to see default ORBIT public key for your account in the list - that is the key that was created with the account and is used for ssh-access between machines in ORBIT testbed. 51 56 52 To upload you public key to your orbit account visit [https://www.orbit-lab.org/loginService/ControlPanel]. Choose "Change My Profile" option which will bring up the form to upload your public key. Please be aware that IE browser is not supported for Control Panel operations (and key upload). Also, expect to see default ORBIT public key for your account in the list - that is the key that was created with the account and is used for ssh-access between machines in ORBIT testbed. 53 54 [[Image(ControlPanel.jpg)]] 57 [[Image(ControlPanel.jpg)]]