|
Size: 1273
Comment:
|
← Revision 10 as of 2014-11-24 11:52:15 ⇥
Size: 1814
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| = SSH key Management = | = SSH Key Management = SSH Keys is a way of identifying yourself to an SSH server using cryptography instead of the traditional username and password combination. This method has several advantages over the password based authentication: the passwords are not sent to trough the network, there is no risk for brute force attacks and when using together with the SSH agent it is possible to login to multiple servers without entering your credentials again and again. At IFCA it is highly reccomended to use SSH Key authentication for accessing the [[Cluster]]. We reccomend the reading of the fantastic [[https://wiki.archlinux.org/index.php/SSH_Keys|Arch Linux SSH Keys guide]] for more details. Some instructions are provided below though. |
| Line 7: | Line 19: |
| Check [[/Putty]] for more information. | Check [[/Putty|this page]] for more information. |
| Line 11: | Line 23: |
| Check [[/Linux|this page]] for more information. |
|
| Line 13: | Line 27: |
| === Using cerbero === | Once you have your key ready, you must install it on the server you are going to access. |
| Line 15: | Line 29: |
| 1. Login to https://cerbero.ifca.es {{attachment:01.png||width=800}} |
=== Using ipa === |
| Line 18: | Line 31: |
| 2. Click "POSIX" in order to edit your POSIX settings. {{attachment:02.png||width=800}} 3. Click "Edit" button. {{attachment:03.png||width=800}} 4. Click "Edit public ssh keys..." button. {{attachment:04.png||width=800}} 5. From this screen you can manage the the public SSH keys that you have added to your account. You can have several keys (for example, one for the office PC, another, for your laptop, etc.). Click "Browse" to select the file of your public key and upload it to the server. {{attachment:05.png||width=800}} 6. Search the file containing your public key and upload it. {{attachment:06.png||width=800}} 7. Click "Upload" and your public key will be added. {{attachment:07.png||width=800}} 8. You're almost done, your key has been added. Click save to accept the changes. {{attachment:08.png||width=800}} 9. Click "OK" and now you will be able to login using your SSH key. {{attachment:09.png||width=800}} |
Authentication at IFCA is centralized, meaning that you can install your key centrally at https://ipa.ifca.es/ and use it when accessing any machine at IFCA datacenter trough SSH. To do so log into https://ipa.ifca.es/ and add your SSH key from your account settings menu. |
| Line 44: | Line 35: |
You have to access (using SSH and your username and password) to the machine where you want to use your public key and add the contents of your public key file to the `.ssh/authorized_keys`. If you are using GNU/Linux, you can add it with the following command: {{{ $ ssh-copy-id username@gridui.ifca.es }}} This will install your ssh public key at Scientific Linux 6 infrastruccture. ---- CategoryUserSupport |
SSH Key Management
SSH Keys is a way of identifying yourself to an SSH server using cryptography instead of the traditional username and password combination. This method has several advantages over the password based authentication: the passwords are not sent to trough the network, there is no risk for brute force attacks and when using together with the SSH agent it is possible to login to multiple servers without entering your credentials again and again.
At IFCA it is highly reccomended to use SSH Key authentication for accessing the Cluster.
We reccomend the reading of the fantastic Arch Linux SSH Keys guide for more details. Some instructions are provided below though.
1. SSH Key creation
1.1. Windows (PuTTY)
Check this page for more information.
1.2. Linux
Check this page for more information.
2. Upload key
Once you have your key ready, you must install it on the server you are going to access.
2.1. Using ipa
Authentication at IFCA is centralized, meaning that you can install your key centrally at https://ipa.ifca.es/ and use it when accessing any machine at IFCA datacenter trough SSH. To do so log into https://ipa.ifca.es/ and add your SSH key from your account settings menu.
2.2. Using the authorized_keys file
You have to access (using SSH and your username and password) to the machine where you want to use your public key and add the contents of your public key file to the .ssh/authorized_keys. If you are using GNU/Linux, you can add it with the following command:
$ ssh-copy-id username@gridui.ifca.es
This will install your ssh public key at Scientific Linux 6 infrastruccture.