
I know there are easier ways to upload a key from Tectia Client to any SSH server, but what if I don't have version 6.1.0 or would like to do the same thing manually? How do I proceed?

asked Sep 20 '11 at 08:52

Roman ♦♦


Here are the steps to set up public key authentication (the hard way). These instructions assume that you have Tectia Client on the client host and Tectia Server on the server side.

1. Generate the key pair

On the client host generate a public key pair using the ssh-keygen-g3 command line tool. It will ask you to provide a passphrase and generate a 2048-bit DSA key pair.

 
$ ssh-keygen-g3
Generating 2048-bit dsa key pair
  9 oOo.oOo.oOo
Key generated.
2048-bit dsa, ClientUser@Client, Thu Jan 22 2008 12:09:46 +0200
Passphrase : 
Again :
Private key saved to  /home/ClientUser/.ssh2/id_dsa_2048_a
Public key saved to   /home/ClientUser/.ssh2/id_dsa_2048_a.pub

This will generate a key pair consisting of two separate files. One of the keys is your private key which must never be made available to anyone but yourself. If a passphrase was provided, the private key can only be used together with the passphrase.

The key pair is stored in the following locations:

On Unix:

$HOME/.ssh2

On Windows:

%APPDATA%\SSH\UserKeys

In the example above, the private key file is id_dsa_2048_a. The public key file is id_dsa_2048_a.pub, and it can be distributed to other computers.

2. Upload the public part of the key to the server

After generating the key pair, upload the public part of the key (id_dsa_2048_a.pub) to the server.

Using authorized_keys directory

If the server is a Tectia Server version 5.0 or newer, this can be done by creating an authorized_keys directory and copying the public key there.

a. Create authorized_keys directory

First create the authorized_keys directory on the server under $HOME/.ssh2/authorized_keys (for Unix) or %USERPROFILE%\.ssh2\authorized_keys (for Windows). This can be done directly on the server or using sshg3 and remote commands:

First create the .ssh2 directory

sshg3 ServerUser@tectia_server "mkdir .ssh2"

Then the authorized_keys directory

sshg3 ServerUser@tectia_server "mkdir .ssh2/authorized_keys"

b. Finally copy the public key to the authorized_keys directory

scpg3 id_dsa_2048_a.pub ServerUser@tectia_server:.ssh2/authorized_keys/

Using an authorization file

If the server is an older version of Tectia Server (4.x) then this requires a bit more work. Besides uploading the public key to the server you'll also need to create an authorization file which contains the name and path to the public key.

The authorization file is also supported in newer versions of Tectia, so this method should work against all versions of Tectia Server.

a. First create an .ssh2 directory on the server (if it does not already exist)

sshg3 ServerUser@tectia_server "mkdir .ssh2"

b. Copy the public key to the server

In this case we copy it to the .ssh2 directory on the server:

scpg3 id_dsa_2048_a.pub ServerUser@tectia_server:.ssh2/

c. Create an authorization file on the server

Create an authorization file on the server under the .ssh2 directory, such as:

If the server is Unix:

sshg3 ServerUser@tectia_server "echo Key id_dsa_2048_a.pub >> .ssh2/authorization"

If the server is Windows:

sshg3 ServerUser@tectia_server "cmd /c echo Key id_dsa_2048_a.pub >> .ssh2/authorization"

After this the authorization file will look like this:

Key     id_dsa_2048_a.pub

That should do it. After this, it should be possible to connect from the client to the server using public-key authentication.

Please note that public key authentication needs to be allowed in the server configuration for this to work.

For more information see the section Uploading Public Keys Manually in the Tectia Client user manual.

answered Sep 20 '11 at 09:35

Roman ♦♦
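
The `>>` append in step c of the authorization-file method adds another identical Key line every time it is re-run, and nothing in the steps checks that the named file is actually present. The following server-side sh sketch is an added example, not part of the original answer: it adds the entry idempotently and audits the file. The function names, the go-w permission check and the demo directory are assumptions; only the `Key <file>` layout comes from the answer.

```shell
#!/bin/sh
# Added example, not from the original answer; function names are hypothetical.
# Run on the server against the account's .ssh2 directory.

# add_key DIR PUBFILE: append "Key PUBFILE" to DIR/authorization unless present.
add_key() {
    dir=$1; pub=$2; auth=$dir/authorization
    [ -f "$dir/$pub" ] || { echo "missing public key: $dir/$pub" >&2; return 1; }
    touch "$auth"
    chmod go-w "$auth"    # assumption: only the owner should edit this file
    if awk -v k="$pub" '$1 == "Key" && $2 == k { f = 1 } END { exit !f }' "$auth"
    then
        return 0          # entry already there, so do not append a duplicate
    fi
    printf 'Key %s\n' "$pub" >> "$auth"
}

# audit_keys DIR: print one finding per line; return 0 only when none are found.
audit_keys() {
    dir=$1; auth=$dir/authorization; rc=0
    [ -f "$auth" ] || { echo "no authorization file in $dir"; return 1; }
    # Characters 6 and 9 of the ls mode string are group and other write bits.
    case $(ls -ld "$auth" | cut -c1-10) in
        ?????w????|????????w?) echo "authorization is group/world writable"; rc=1 ;;
    esac
    # Every Key entry must name a file that exists next to the authorization file.
    while read -r kw name rest || [ -n "$kw" ]; do
        [ "$kw" = "Key" ] || continue
        [ -f "$dir/$name" ] || { echo "dangling entry: $name"; rc=1; }
    done < "$auth"
    for d in $(awk '$1 == "Key" && seen[$2]++ == 1 { print $2 }' "$auth"); do
        echo "duplicate entry: $d"; rc=1
    done
    return $rc
}

# Demo on a constructed directory that stands in for the server-side .ssh2.
demo_dir=$(mktemp -d)
echo "constructed placeholder, not a real key" > "$demo_dir/id_dsa_2048_a.pub"
add_key "$demo_dir" id_dsa_2048_a.pub
add_key "$demo_dir" id_dsa_2048_a.pub    # re-run leaves a single Key line
audit_keys "$demo_dir" && echo "authorization file is clean"
rm -rf "$demo_dir"
```

A dangling entry means the authorization file names a key that is no longer on disk, which is worth cleaning up when keys are rotated or revoked.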
All user contributed content licensed under the cc-by-sa license.