Cyberduck Mountain Duck CLI

Changes between Version 77 and Version 78 of help/en/howto/sftp


Ignore:
Timestamp:
Oct 12, 2020 3:30:41 PM (2 weeks ago)
Author:
dkocher
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • help/en/howto/sftp

    v77 v78  
    4444
    4545== Public Key Authentication ==
    46 
    4746Public-key authentication allows you to connect to a remote server without sending your password over the Internet. Public-key authentication uses two keys, a private key that only you have--it should be kept in a secure place and protected with a password. And the public key, which is placed on the server you wish to gain access to, usually by the system administrator when your account is set up. Private keys containing a `DSA` or `RSA` private key in ''PEM'' format are supported (look for `-----BEGIN DSA PRIVATE KEY-----` or `-----BEGIN RSA PRIVATE KEY-----` in the file) and can be configured in the [wiki:help/en/howto/bookmarks Bookmark] or [wiki:help/en/howto/connection Connection] panel.
    4847
     
    5655
    5756=== Configure public key authentication ===
    58 
    5957 1. Run the command {{{ssh-keygen}}} from the Terminal.app to generate a public/private pair of keys. They will be put in your directory {{{~/.ssh}}}, though you will probably be asked to approve or change this location. When you generate the keys you will be asked for a 'passphrase'. If you use a passphrase then you will have to enter it each time you use the keys for authentication. That is, you will have to type in the pass phrase everytime you log in, just as you would with a password. If you don't enter a passphrase (just press the return key) then you will be allowed to log-in without having to enter a passphrase. This can be more convenient, but it is less secure.
    6058
     
    8179
    8280== One-time passcodes ==
    83 
    8481Using a challenge-response authentication with one time password generators like ''SecurID'' is supported. After the initial login prompt for the username and password a second login prompt is displayed to enter the one-time passcode.
    8582
     
    105102[[Image(Unknown host key.png)]]
    106103
     104
     105== Connect via SSH tunnel through bastion server ==
     106''''' Version [milestone:8.0 8] or later required'''''
     107Using the `ProxyJump` configuration directive in `~/.ssh/config` you can connect through a tunnel. Sample configuration
     108
     109{{{
     110Host internal
     111    HostName server.lan
     112    ProxyJump user-external@jump.example.org:2222
     113    User user-internal
     114}}}
     115
     116You can also work with aliases like
     117
     118{{{
     119Host bastion-host-nickname
     120    HostName bastion-hostname
     121    User username
     122    Port 2222
     123
     124Host remote-host-nickname
     125    HostName remote-hostname
     126    ProxyJump bastion-host-nickname
     127}}}
     128
    107129== Open in Terminal ==
    108 
    109130''Open in Terminal'' allows you to open a SSH shell for the current working directoy with a single click.
    110131
swiss made software