Versions Compared

Old Version 12

changes.mady.by.user John McKeever

Saved on

compared with

New Version 13

changes.mady.by.user John McKeever

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Here’s an example of creating and deploying an SSH key to avoid a username/password prompt when connecting from one host (localhost, in this example) to another (remotehost).

If you already have an SSH key, you can skip this step.

...

DOn’t enter a pass phrase if you want to use this key with third party systems like Azure or GitHub.

Code Block
# Generate a 2048-bit RSA key (Will NOT work with GitHub!)
$> ssh-keygen -t rsa -b 2048 -f mykey.rsa.key
Generating public/private rsa key pair.

...

# (

...

blah

...

blah

...

blah)

...

...

...

Note that you may need to use a different type of key encryption depending upon the system with which you are trying to connect. For GitHub, for example, we would use the following…

...

# Or
# Generate a 521-bit RSA key (WILL work with GitHub!)
# Yes - 521-bytes (not 512) because (2^521)-1 is a prime number 
# See https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
$> ssh-keygen -t ecdsa -b 521 -f mykey.ecdsa.key
Generating public/private ecdsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in mykey.ecdsa.key
Your public key has been saved in mykey.ecdsa.key.pub
The key fingerprint is:
SHA256:mri4SXfnLwf77L8UmzFf4DOW0e/LODuV/cixmDOw7+Q johnmckeever@localhsot
The key's randomart image is:
+---[ECDSA 521]---+
|                 |
|                 |
|              .  |
|             . . |
|       S  .   = +|
|    . o.  o . .@o|
| . o + .o =.= ==+|
| . + o oo.*o=+B +|
|  +..   .B*=E*=o |
+----[SHA256]-----+

# Copy the public key of your computer to the trusted keys of the target server
localhost:~$ ssh-copy-id -i .ssh/mykey.ecdsa user@remotehost
user@remotehost's password: ••••••••
Info

Note that the following steps are not required when using the generated key with MettleCI Workbench.

Now try logging into the machine, with ssh 'user@remotehost' to verify the keys we’ve added:

Code Block
# Create the .ssh directory:
localhost:~$ mkdir ~/.ssh

# Set the right permissions:
localhost:~$ chmod 700 ~/.ssh

# Create the authorized_keys file:
localhost:~$ touch ~/.ssh/authorized_keys

# Set the right permissions:
localhost:~$ chmod 600 ~/.ssh/authorized_keys

# Verify
localhost:~$ ls ~/.ssh/authorized_keys

Finally check you can log in using your new key…

Code Block
localhost:~$ ssh id@server
user@remotehost:~$

Filter by label (Content by label)
showLabelsfalse
max5
spacescom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@873786c5
sortmodified
showSpacefalse
reversetrue
typepage
cqllabel in ( "security" , "authentication" , "ssh" ) and type = "page" and space = "MCIDOC"
labelsssh security authentication

...