newbie - need help

Configuration issues

Last Post by Bobby 22 years ago

0 Posts

2 Users

0 Reactions

170 Views

RSS

Bobby

(@Bobby)

New Member

Joined: 55 years ago

Posts: 1

Topic starter 04/10/2002 6:25 pm

I've just downloaded and installed absoluteTelnet. I'm trying to get SSH enabled with my server. My hosting company has asked me to:
FTP to your account
2. Create a directory named .ssh in your home directory
(mkdir /.ssh from ftp, ~/.ssh through telnet)
3. Chmod to 700 .ssh
4. Cd to .ssh
5. Upload your identity.pub to this directory
6. Rename this file to authorized_keys
7. Chmod 400 authorized_keys
Please let us know once this has been done so we may enable SSH for your account

I'm confused about the "identity.pub" file. Does anyone know what this is and how I would get to it?

Thanks

[size=1][ October 04, 2002, 12:38 PM: Message edited by: Brian T. Pence ][/size]

ReplyQuote

bpence

(@bpence)

Member Admin

Joined: 11 months ago

Posts: 1375

04/10/2002 7:00 pm

Ok, here's the deal...

Your ISP wants you to use SSH with public key authentication. They consider this a safer method of authenticating than say.... regular old password authentication.

But, what this type of authentication requires is a public/private key pair. The public key goes on the server, and the private key you keep all to yourself (hence the name private) and plug it into your client.

It also seems that your ISP assumes that you already have these keys created. Apparently you do not, but that's ok. They're easy enough to create.

--NOTE---
THESE INSTRUCTIONS ARE FOR SSH VERSION 1 ONLY, AS THE ISP SPECIFIED THE USE OF THE AUTHORIZED_KEYS FILE. SSH VERSION 2 USES THE AUTHORIZED_KEYS2 FILE, AS THE KEY FORMATS ARE *NOT* COMPATIBLE
--END NOTE--

If you can telnet to the server, create the .ssh directory as your ISP instructs (above), then run the program 'ssh-keygen' from the command line. When asked for a filename to save the keys, you can use any name, but for simplicity, use 'identity'. You will then be prompted for a 'passphrase' which will be used to encrypt (and hence further protect) your private key, but for now just press enter to create the key without a passphrase.

Now, you have two files: 'identity' (the private key) and identity.pub (the public key). Rename identity.pub to authorized_keys and change permissions as specified in your ISP instructions. Then, ftp (or zmodem) the 'identity' file back to your client machine and REMOVE THAT FILE FROM THE SERVER.

Now, you're ready to connect via the ssh client. Start Absolute, setting SSH1 as the connection type in Options->Properties->Connections, along with setting the hostname. WHen you hit the 'connect' button on the toolbar, you'll be prompted for your authentication. Switch the radio button from 'plain password' to 'Use RSA/DSA', and supply the path to the 'identity' file you got off your server.

Click OK.

Voila

Let me know if you need more info.

ReplyQuote

6 Forums
639 Topics
3,082 Posts
2 Online
29 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed