Passwordless SSH HowTo: Difference between revisions

From LWP-Wiki
Jump to navigation Jump to search
(Created page with "On the LWP it is possible to use SSH to connect to your LWP directly. You will require a SSH key to do so. We have a login server available to access your home dir, so you do...")
 
No edit summary
 
(18 intermediate revisions by the same user not shown)
Line 1: Line 1:
On the LWP it is possible to use SSH to connect to your LWP directly. You will require a SSH key to do so.
It's possible to use SSH to connect from one LWP to another without using a password.<br>
We have a login server available to access your home directory, so you don't have to leave your own PC turned on. It's not a big machine, so don't use it to do your work on or you'll bother other users trying to access their files.<br>
<br>
The login server '''ssh-hostkeys''':<br>
2048 SHA256:BqwCk82bRDxY3YLkumDcr8d0RKExSCX+zbsgdDyfF4w '''ssh.lwp.rug.nl''' (RSA)<br>
256 SHA256:MfSPCbM20GbH+zMDUAEFzk80vTxF2890ch2EQJjEi3o '''ssh.lwp.rug.nl''' (ED25519)<br>
256 SHA256:Fck7jcOsqDtqcCFncx144z2tt12oMWXD4Jiz0LJbapw '''ssh.lwp.rug.nl''' (ECDSA)<br>
<br>
== Connecting to another LWP with SSH.==
Replace '''ssh.lwp.rug.nl''' with the hostname or ip-address of the machine you're trying to connect to.<br>
===Add your p-number to the allowed users list===
Add your p-number to the file /etc/users_allowed_ssh.
===Create a new SSH key pair===
Create a key pair using the following command:<br>
  ssh-keygen -t rsa -b 4096 -C "LWP" -f ~/.ssh/lwp_rsa
If you don't work with linux you can go to https://vlwp.rug.nl/, login with your RUG account and do it there.<br>
''Note: You can enter any comment with the “-C” option, e.g. username@hostname, so you can easily see what you're using the key for. The “-C” option is not mandatory.''<br>


We have a login server available to access your home dir, so you don't have to leave your own PC turned on. It's not a big machine, so don't use it to do your work on or you'll bother other users trying to access their files.
===Add your public key to the authorized_keys file===
NOTE! There are other login servers available, but they are department specific, so we won't post them here.
To allow your account to login to the LWP you'll have to add your public key to a authorized_keys file:<br>
  cat ~/.ssh/lwp_rsa.pub >> ~/.ssh/authorized_keys
''Note: This can only be done if you're logged in to a LWP; Use https://vlwp.rug.nl/ if you are not physically on a LWP.


Login server stats:
===Set up your own LWP===
256 SHA256:AJ8LcLyE0+my7uUW24A5iZ4Sr/7wU/KdK6l72A69T80 ssh.lwp.rug.nl (ECDSA)
Use a USB drive to transfer your key pair to your own system securely.<br>
2048 SHA256:Zg6Z6ULOPP/991wsBe0ioMD2lENX4ewYMgTS90Hky/M ssh.lwp.rug.nl (RSA)
  cp ~/.ssh/lwp_rsa* /media/'''<your usb device>'''/
256 SHA256:YeSHwEfASFD5EckDwl2X2rbmhDtZ12+5HCOzvG9n6BI ssh.lwp.rug.nl (ED25519)
Copy your key pair to your home directory:<br>
  mkdir ~/.ssh
  cp /media/'''<your usb device>'''/lwp_rsa* ~/.ssh/
Set the correct permissions:<br>
  chmod 0700 ~/.ssh
  chmod 0600 ~/.ssh/lwp_rsa
Try the connection:
  ssh -i ~/.ssh/lwp_rsa '''<username>'''@ssh.lwp.rug.nl or hostname or ip-address
Make your life easier by creating a '''~/.ssh/config''' file and adding the following:
host other-lwp
user '''<username>'''
IdentityFile ~/.ssh/lwp_rsa
ForwardX11 yes
HostName ssh.lwp.rug.nl or hostname or ip-address
Then connect with:
ssh other-lwp
and you should find yourself in your home directory.

Latest revision as of 12:40, 28 August 2023

It's possible to use SSH to connect from one LWP to another without using a password.
We have a login server available to access your home directory, so you don't have to leave your own PC turned on. It's not a big machine, so don't use it to do your work on or you'll bother other users trying to access their files.

The login server ssh-hostkeys:
2048 SHA256:BqwCk82bRDxY3YLkumDcr8d0RKExSCX+zbsgdDyfF4w ssh.lwp.rug.nl (RSA)
256 SHA256:MfSPCbM20GbH+zMDUAEFzk80vTxF2890ch2EQJjEi3o ssh.lwp.rug.nl (ED25519)
256 SHA256:Fck7jcOsqDtqcCFncx144z2tt12oMWXD4Jiz0LJbapw ssh.lwp.rug.nl (ECDSA)

Connecting to another LWP with SSH.

Replace ssh.lwp.rug.nl with the hostname or ip-address of the machine you're trying to connect to.

Add your p-number to the allowed users list

Add your p-number to the file /etc/users_allowed_ssh.

Create a new SSH key pair

Create a key pair using the following command:

 ssh-keygen -t rsa -b 4096 -C "LWP" -f ~/.ssh/lwp_rsa

If you don't work with linux you can go to https://vlwp.rug.nl/, login with your RUG account and do it there.
Note: You can enter any comment with the “-C” option, e.g. username@hostname, so you can easily see what you're using the key for. The “-C” option is not mandatory.

Add your public key to the authorized_keys file

To allow your account to login to the LWP you'll have to add your public key to a authorized_keys file:

 cat ~/.ssh/lwp_rsa.pub >> ~/.ssh/authorized_keys

Note: This can only be done if you're logged in to a LWP; Use https://vlwp.rug.nl/ if you are not physically on a LWP.

Set up your own LWP

Use a USB drive to transfer your key pair to your own system securely.

 cp ~/.ssh/lwp_rsa* /media/<your usb device>/

Copy your key pair to your home directory:

 mkdir ~/.ssh
 cp /media/<your usb device>/lwp_rsa* ~/.ssh/

Set the correct permissions:

 chmod 0700 ~/.ssh
 chmod 0600 ~/.ssh/lwp_rsa

Try the connection: 

 ssh -i ~/.ssh/lwp_rsa <username>@ssh.lwp.rug.nl or hostname or ip-address

Make your life easier by creating a ~/.ssh/config file and adding the following: 

host other-lwp
user <username>
IdentityFile ~/.ssh/lwp_rsa
ForwardX11 yes
HostName ssh.lwp.rug.nl or hostname or ip-address

Then connect with: 

ssh other-lwp

and you should find yourself in your home directory.

Retrieved from "https://lwpwiki.webhosting.rug.nl/index.php?title=Passwordless_SSH_HowTo&oldid=1095"