Passwordless SSH HowTo: Difference between revisions

From LWP-Wiki
Jump to navigation Jump to search
Line 36: Line 36:
Then connect with:
Then connect with:
  ssh lwp
  ssh lwp
Enter your password and you should find yourself in your home dir.
Enter your password and you should find yourself in your home directory.

Revision as of 16:31, 26 March 2021

It's possible to use SSH to connect to your LWP directly. To connect to any LWP from outside the university network we require 2 factor authentication. This is achieved by requiring a password and a ssh key to login.
We have a login server available to access your home directory, so you don't have to leave your own PC turned on. It's not a big machine, so don't use it to do your work on or you'll bother other users trying to access their files.

The login server ssh-hostkeys:
256 SHA256:AJ8LcLyE0+my7uUW24A5iZ4Sr/7wU/KdK6l72A69T80 ssh.lwp.rug.nl (ECDSA)
2048 SHA256:Zg6Z6ULOPP/991wsBe0ioMD2lENX4ewYMgTS90Hky/M ssh.lwp.rug.nl (RSA)
256 SHA256:YeSHwEfASFD5EckDwl2X2rbmhDtZ12+5HCOzvG9n6BI ssh.lwp.rug.nl (ED25519)

Connecting to the LWP from home with SSH.

Replace ssh.lwp.rug.nl with the hostname of the machine you're trying to connect to.
If you already have a ssh key pair you want to use, you can skip creating a new key pair.

Create a new SSH key pair

Create a key pair using the following command:

 ssh-keygen -t rsa -b 4096 -C "LWP" -f ~/.ssh/lwp_rsa

Note: You can enter any comment with the “-C” option, e.g. username@hostname, so you can easily see what you're using the key for. The “-C” option is not mandatory.

Add your public key to the authorized_keys file

To allow your account to login to the LWP you'll have to add your public key to a authorized_keys file:

 cat ~/.ssh/lwp_rsa.pub >> ~/.ssh/authorized_keys

Set up your own system

Use a USB drive to transfer your key pair to your own system securely.

 cp ~/.ssh/lwp_rsa* /media/<your usb device>/

Copy your key pair to your home directory:

 mkdir ~/.ssh
 cp /media/<your usb device>/lwp_rsa* ~/.ssh/

Set the correct permissions:

 chmod 0700 ~/.ssh
 chmod 0600 ~/.ssh/lwp_rsa

Try the connection:

 ssh -i ~/.ssh/lwp_rsa <username>@ssh.lwp.rug.nl

Make your life easier by creating a ~/.ssh/config file and adding the following:

host lwp
user <username>
IdentityFile ~/.ssh/lwp_rsa
ForwardX11 yes
HostName ssh.lwp.rug.nl

Then connect with:

ssh lwp

Enter your password and you should find yourself in your home directory.