Difference between revisions of "HowTo: Configure SSH2 access to the Admin Console"
Jump to navigation
Jump to search
| (7 intermediate revisions by 2 users not shown) | |||
| Line 4: | Line 4: | ||
* SSH2 authorized_keys file in dCache is found in: '''/etc/dcache/admin/authorized_keys2''' | * SSH2 authorized_keys file in dCache is found in: '''/etc/dcache/admin/authorized_keys2''' | ||
:Please notice that in dCache is called '''''authorized_keys2''''' and not authorized_keys (which historically corresponds to SSH1 access to the dCache Admin Console) | :Please notice that in dCache is called '''''authorized_keys2''''' and not authorized_keys (which historically corresponds to SSH1 access to the dCache Admin Console) | ||
| − | * Example of '''/etc/dcache/admin/authorized_keys2''': | + | * Example of content of '''/etc/dcache/admin/authorized_keys2''': |
| − | + | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIODhZQPz/sxK44pTdOaCVWXM2qZPJ1Zz/xOHt31LKEC/seWf1fzy0YuC9Wu++eATtKXtv2fIryj9cFOhijXmAQtYHfhNCbBA | |
| − | + | jmyD0Eaa73Hg9tBubhB0Ufazlf951cMmhjsQvIFb4gWgN6gDKcnk8ka1QV5Z6MASd7JD4k28p8s /yFhtpymyYRdqg0KZGdnqh51MsIL4kkmS+jx8hINMCspHFYOe3ptFEmX4rp | |
| + | 0ucJLVVEDHIW8ehIirStaCupRABRxQ+Esy6+xwOeydL8o3DOtUwk9lNel2ISOLrbzwVAdUC3YxeSLV8weGv23hIXXyRrKnTESNxgnZgMRM4oW5D admin@pw-mcaubet | ||
| + | Notice that the info should end like '''admin@'''<user> | ||
= Client - Private & Public Keys = | = Client - Private & Public Keys = | ||
| Line 35: | Line 37: | ||
| .. E | | | .. E | | ||
+-----------------+ | +-----------------+ | ||
| − | * Add the generated '''id_rsa.pub''' to the '''/etc/dcache/admin/authorized_keys2''' in the dCache server (see [[HowTo:_Configure_SSH2_access_to_the_Admin_Console#Server - Admin Console Authorized Keys | Server - Admin Console Authorized Keys]] | + | * Add the generated '''id_rsa.pub''' to the '''/etc/dcache/admin/authorized_keys2''' in the dCache server (see '''[[HowTo:_Configure_SSH2_access_to_the_Admin_Console#Server - Admin Console Authorized Keys | Server - Admin Console Authorized Keys]]''') |
Latest revision as of 14:26, 13 June 2022
Server - Admin Console Authorized Keys
- To allow SSH2 access to the Admin Console a public key needs to be added to the authorized_keys file.
- SSH2 authentication in dCache works very similar to the standard SSH2 service.
- SSH2 authorized_keys file in dCache is found in: /etc/dcache/admin/authorized_keys2
- Please notice that in dCache is called authorized_keys2 and not authorized_keys (which historically corresponds to SSH1 access to the dCache Admin Console)
- Example of content of /etc/dcache/admin/authorized_keys2:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIODhZQPz/sxK44pTdOaCVWXM2qZPJ1Zz/xOHt31LKEC/seWf1fzy0YuC9Wu++eATtKXtv2fIryj9cFOhijXmAQtYHfhNCbBA jmyD0Eaa73Hg9tBubhB0Ufazlf951cMmhjsQvIFb4gWgN6gDKcnk8ka1QV5Z6MASd7JD4k28p8s /yFhtpymyYRdqg0KZGdnqh51MsIL4kkmS+jx8hINMCspHFYOe3ptFEmX4rp 0ucJLVVEDHIW8ehIirStaCupRABRxQ+Esy6+xwOeydL8o3DOtUwk9lNel2ISOLrbzwVAdUC3YxeSLV8weGv23hIXXyRrKnTESNxgnZgMRM4oW5D admin@pw-mcaubet
Notice that the info should end like admin@<user>
Client - Private & Public Keys
- In order to access to the Admin Console, SSH Keys must be generated.
- Use ssh-keygen in order to generate the public (id_rsa.pub) and the private (id_rsa) SSH Keys. For instance:
user@pw-mcaubet:~$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: 1d:60:95:2f:73:94:b8:5b:d6:8c:2d:d4:d2:ea:b6:de user@pw-mcaubet The key's randomart image is: +---[RSA 2048]----+ | o..o + | | . .o = o | | .= B | | .+.O + | | S .O . | | . o | | . . | | .. | | .. E | +-----------------+
- Add the generated id_rsa.pub to the /etc/dcache/admin/authorized_keys2 in the dCache server (see Server - Admin Console Authorized Keys)