User Tools

Site Tools


generating_ssh_keys

Generating SSH Keys for Off-Site Filesystem

Generating SSH Keys for Automated Backups

It is not practical for you to be physically present, typing in your OpenDocMan Off-Site password, every night when your backup is to run.

By creating a public/private SSH keypair, and uploading the public key to your OpenDocMan Off-Site filesystem, you can allow your backup process to authenticate without your password.

Generating the SSH Keypair

First, log into your unix system as the user that your backups will run under. So, if your backups will run as the root user (which is very common) you need to log in as root.

Now run the following command:

ssh-keygen -t rsa

Accept the defaults - do not change the filenames or file locations It is very important that the resultant private and public keys reside in your home directories .ssh directory, or ~/.ssh (which is the default)

DO NOT enter a passphrase - just hit enter twice, leaving an empty passphrase.

Uploading Your Public Key

Upload your newly created public key using this command:

scp ~/.ssh/id_rsa.pub [email protected]:.ssh/authorized_keys DO NOT change the permissions on the uploaded file, before or after the upload

DO NOT change the permissions on your home directory, or your .ssh directory

NOTE: [email protected] is most certainly NOT your login ID or hostname - please change them.

Testing Your Passwordless Login

Test that your key works by ssh'ing to your OpenDocMan Off-Site filesystem (from your local system, as the user who created/uploaded the key):

ssh [email protected] ls You should not be asked for a password

Multiple Keys (optional)

It is possible to upload multiple public keys to your account, allowing one or more users on one or more computer systems to log in without a password. However, you cannot just follow the above instructions over and over again, because each time you follow them, you will overwrite the previous key.

Instead, do this:

1. For the first user on the first computer system, follow the instructions above exactly.

2. For each subsequent user (possibly on different computer systems), replace the 'scp' step in the above instructions with:

cat ~/.ssh/id_rsa.pub | ssh [email protected] 'dd of=.ssh/authorized_keys oflag=append conv=notrunc' 3. Repeat this process for each user until you have a fully populated authorized_keys file in your account.

Support

If you have _any problems_ with this process, do not hesitate to contact us - we will help you immediately, and have you up and running that same day.

generating_ssh_keys.txt · Last modified: 2018/12/17 11:39 (external edit)