User Tools

Site Tools


generating_ssh_keys
no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


generating_ssh_keys [2018/12/17 11:39] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +===== Generating SSH Keys for Off-Site Filesystem =====
 +
 +**Generating SSH Keys for Automated Backups**
 +
 +It is not practical for you to be physically present, typing in your OpenDocMan Off-Site password, every night when your backup is to run.
 +
 +By creating a public/private SSH keypair, and uploading the public key to your OpenDocMan Off-Site filesystem, you can allow your backup process to authenticate without your password.
 +
 +
 +**Generating the SSH Keypair**
 +
 +First, log into your unix system as the user that your backups will run under. So, if your backups will run as the root user (which is very common) you need to log in as root.
 +
 +Now run the following command:
 +
 +ssh-keygen -t rsa
 +
 +Accept the defaults - do not change the filenames or file locations It is very important that the resultant private and public keys reside in your home directories .ssh directory, or ~/.ssh (which is the default)
 +
 +DO NOT enter a passphrase - just hit enter twice, leaving an empty passphrase.
 +
 + 
 +
 +**Uploading Your Public Key**
 +
 +Upload your newly created public key using this command:
 +
 +scp ~/.ssh/id_rsa.pub [email protected]:.ssh/authorized_keys
 +DO NOT change the permissions on the uploaded file, before or after the upload
 +
 +DO NOT change the permissions on your home directory, or your .ssh directory
 +
 +NOTE: [email protected] is most certainly NOT your login ID or hostname - please change them.
 +
 + 
 +
 +**Testing Your Passwordless Login**
 +
 +Test that your key works by ssh'ing to your OpenDocMan Off-Site filesystem (from your local system, as the user who created/uploaded the key):
 +
 +ssh [email protected] ls
 +You should not be asked for a password
 +
 + 
 +
 +**Multiple Keys (optional)**
 +
 +It is possible to upload multiple public keys to your account, allowing one or more users on one or more computer systems to log in without a password. However, you cannot just follow the above instructions over and over again, because each time you follow them, you will overwrite the previous key.
 +
 +Instead, do this:
 +
 +1. For the first user on the first computer system, follow the instructions above exactly.
 +
 +2. For each subsequent user (possibly on different computer systems), replace the 'scp' step in the above instructions with:
 +
 +cat ~/.ssh/id_rsa.pub | ssh [email protected] 'dd of=.ssh/authorized_keys oflag=append conv=notrunc'
 +3. Repeat this process for each user until you have a fully populated authorized_keys file in your account.
 +
 + 
 +
 +**Support**
 +
 +If you have _any problems_ with this process, do not hesitate to [[http://www.opendocman.com/contact-us/|contact us]] - we will help you immediately, and have you up and running that same day.
  
generating_ssh_keys.txt · Last modified: 2018/12/17 11:39 by 127.0.0.1