Cyberduck Mountain Duck CLI

Changes between Version 16 and Version 17 of help/en/howto/ssh


Ignore:
Timestamp:
Jul 21, 2010 9:47:15 AM (10 years ago)
Author:
dkocher
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • help/en/howto/ssh

    v16 v17  
    33= [wiki:help/en Cyberduck Help] / [wiki:help/en/howto Howto] / SSH =
    44
    5 == OpenSSH Configuration ==
    6 
    7 A [wiki:help/en/howto/bookmarks bookmark] will update its public key authentication setting from the ''IdentityFile'' configuration in `~/.ssh/config`. Also when opening a new [wiki:help/en/howto/connection#Toolbarbutton connection] using ''File → Open Connection…'', ''IdentityFile'' and ''User'' parameters in the OpenSSH user config file are auto completed.
    8 
    9 Example configuration:
    10 
    11 {{{
    12 Host myhostname
    13         User myusername
    14         IdentityFile ~/.ssh/mykey-rsa
    15 }}}
    16 
    17 Contrary to ''OpenSSH'', we do '''not''' use the keys named `~/.ssh/identity`, `~/.ssh/id_rsa` or `~/.ssh/id_dsa` by default.
    18 
    19 
    20 == How to configure public key authentication? ==
    21 
    22 Public-key authentication allows you to connect to a remote server without sending your password over the Internet. Public-key authentication uses two keys, a private key that only you have--it should be kept in a secure place and protected with a password. And the public key, which is placed on the server you wish to gain access to, usually by the system administrator when your account is set up.
    23 
    24  1. Run the command {{{ssh-keygen}}} from the Terminal.app to generate a public/private pair of keys. They will be put in your directory {{{~/.ssh}}}, though you will probably be asked to approve or change this location. When you generate the keys you will be asked for a 'passphrase'. If you use a passphrase then you will have to enter it each time you use the keys for authentication. That is, you will have to type in the pass phrase everytime you log in, just as you would with a password. If you don't enter a passphrase (just press the return key) then you will be allowed to log-in without having to enter a passphrase. This can be more convenient, but it is less secure.
    25 
    26 {{{
    27 jungle:~/.ssh dkocher$ ssh-keygen -t rsa
    28 }}}
    29 
    30  2. Copy the public key to the remote host you wish to access and add it to the file {{{authorized_keys}}} in your {{{~/.ssh}}} directory. (If that file does not exist then you should create it.) Anybody listed in the authorized_keys file (via their public key) is allowed to log-in, provided that they can prove that they possess the corresponding private key. Thus if you have the private key in your .ssh directory on your home machine you'll be allowed in.
    31 
    32 
    33 {{{
    34 jungle:~/.ssh dkocher$ ssh hostname < id_rsa.pub 'cat >> .ssh/authorized_keys'
    35 }}}
    36 
    37  3. In the Connection Dialog or the Bookmark editor in Cyberduck select ''Use Public Key Authentication'' and select the private key in your {{{.ssh}}} directory.
    38 
    39 == Open in Terminal ==
    40 
    41 Use ''View → Customize Toolbar...'' to add the ''Terminal.app'' toolbar icon to your browser. It allows you to open a SSH shell for the current working directoy with a single click.
    42 
    43 == Remote Commands ==
    44 
    45 See the Browser [wiki:help/en/howto/commands#SSHserver Custom Command] page to send custom commands over SSH.
    46 
    47 == References ==
    48 
    49  * [http://en.wikipedia.org/wiki/SSH_file_transfer_protocol SFTP Wikipedia Article]
     5Refer to [wiki:help/en/howto/sftp SFTP].