HowTo: Configure SSH2 access to the Admin Console

From Public PIC Wiki
Revision as of 12:01, 7 August 2015 by Mcaubet (talk | contribs)
Jump to navigation Jump to search

Server - Admin Console Authorized Keys

  • To allow SSH2 access to the Admin Console a public key needs to be added to the authorized_keys file.
  • SSH2 authentication in dCache works very similar to the standard SSH2 service.
  • SSH2 authorized_keys file in dCache is found in: /etc/dcache/admin/authorized_keys2
Please notice that in dCache is called authorized_keys2 and not authorized_keys (which historically corresponds to SSH1 access to the dCache Admin Console)
  • Example of /etc/dcache/admin/authorized_keys2:
from="*.pic.es" ssh-dss AAAAB3NzaC1kc3MAAACBAL2qk6nGZjKqr+9ZnDBvA1UwB/M8HJAmQbpPSk9pGq+xKCkzMkW6ucffcK1OPlDn+oltTMFoAKJ/K10GPQ5m0lnIoTkqfnGlyhbOuxU4ImwUi6kcDhNAQ7NywoLJJ6tEd3glQn8pCOlX79r8zQWQiNzitglNsANWFCLXh8hjzg5DAAAAFQDnPzspF/7xQzzFe1N4HHY6RQgj8QAAAIBxgSF6DnTnJwKEZesWmLdqFmtb92CULlGDb/Fgfas49i0XZAH2TTXxkWKEr1brBIcl/XuYrUiDVXpxKpu8yoBBPD+lnkLq5s4qlGhEqifpij1Ap09Oja3emhN1gGobiPMZny9ukmPrqT3fGLxN3IOYN67S3a/Mtg2Ht1eP+lxC6QAAAIEAkxtoH5Q1VSVLawDIK1Ne9Lc326NdmqpCNcnPafsh36gZluJTHXDj2GTCn+zMXDRH585/Hn8ro9mJ8q3iOvpujRsTUqxiS99qRtZIdsh9RGhf2/wAmIw9FYjXpSYTY07+XT4H941aXi1RNnioS0TLYrfOWrs8w78kmwb8old6xUU= dcache_root@dccore01-test.pic.es
from="*.pic.es" ssh-dss AAAAB3NzaC1kc3MAAACBAPSl8CfaycoR89aCmziYvXQ/oP41RMl9gmBkUo79R/YEbfCRge9ZNsoe5FUGFLdVUAj2rlPL4dzffRCPP/sMPwp7ihA85fHTCSODOG7CX9YXH/uiHXnen86aR3wujgDunVZKRlHZZcTm9ctti2fWzl4BGQyKfHW8yF1eHozcLFhFAAAAFQCL7xgYMkPGjze6DFriU9l6pj2P1QAAAIBYiQXVCU1ncp3VjmWFEdmzX/RGUzFn0smsi+ohdNIRp0sDmd7Oot+JIamZJTUqmEPd0GdZZy34eCOkJXE190KwtFsO08Ck0P5uCaBc/+TslnAZ1JaXPKYoHxN+pbiNycbJaFwJOi1kDtvuLPynbBpdDSsLNtNSv457sDG7BMn+iwAAAIAES5Kmr+nzQpZAiWbx9Y9TZt0Kkp8ZORgrDYXDo8dedRuOSO+3SyyBrdPAEn7po6zSMV9jTh3cpPOdtns5atrFEqtg9vidiP0Kq6zHazsofA2A5i6lq1+bIit8m8G9AcQXzfPVc2n+rq2e5a0gH/CJGaxub2E+p/gGWJAcQCiY0g== dcache_root@dccore01.pic.es


Client - Private & Public Keys

  • In order to access to the Admin Console, SSH Keys must be generated.
  • Use ssh-keygen in order to generate the public (id_rsa.pub) and the private (id_rsa) SSH Keys. For instance:
user@pw-mcaubet:~$ ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
1d:60:95:2f:73:94:b8:5b:d6:8c:2d:d4:d2:ea:b6:de user@pw-mcaubet
The key's randomart image is:
+---[RSA 2048]----+
|        o..o +   |
|       . .o = o  |
|          .= B   |
|         .+.O +  |
|        S .O .   |
|          . o    |
|           . .   |
|            ..   |
|           .. E  |
+-----------------+
Retrieved from "http://pwiki.pic.es/index.php?title=HowTo:_Configure_SSH2_access_to_the_Admin_Console&oldid=99"