CentOS How To Linux Ubuntu

Ubuntu: login with certificate

AdrianLeave a Comment on Ubuntu: login with certificate 
# See also https://adrhc.go.ro/wordpress/how-to-create-a-certificate/ for how to create public-pub.openssh.

# Configure server
# Uncomment in /etc/ssh/sshd_config:
AuthorizedKeysFile  %h/.ssh/authorized_keys
# public-key in openssh format
cat public-key.openssh.pem > ~/.ssh/authorized_keys

# Configure client
# id_rsa -> mandatory name
#
# private-key.pem.des3.bitvise must start similar to:
# -----BEGIN RSA PRIVATE KEY-----
# Proc-Type: 4,ENCRYPTED
# DEK-Info: DES-EDE3-CBC,26D2920A0A1A7AA6
#
# it's not ok if starts with:
# -----BEGIN ENCRYPTED PRIVATE KEY-----
cp -v private-key.pem.des3.bitvise .ssh/id_rsa
# in order to connect with Remmina + ssh you also need the public key:
# public-key in openssh format
cp -v public-key.openssh.pem .ssh/id_rsa.pub

# ERROR "key_load_public: invalid format"
# SOLUTION
ssh-keygen -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub

# fix ssh permissions
cd $HOME
sudo chown -Rv $USER: .ssh
sudo chmod -v 700 .ssh
sudo chmod -v 600 .ssh/*
if [ "`members $USER`" != "$USER $USER" ]; then
    echo -e "\nMake sure only $USER is the member of group $USER!"
    echo "Actual setup is: `members $USER`"
fi

# ERROR
# "sign_and_send_pubkey: signing failed: agent refused operation
# Permission denied (publickey)."
# SOLUTION
# http://askubuntu.com/questions/762541/ubuntu-16-04-ssh-sign-and-send-pubkey-signing-failed-agent-refused-operation
cd ~/.ssh
ssh-add
ssh-add -l

restart ssh service
sudo systemctl restart ssh
sudo systemctl status ssh

login with ssh
ssh gigi@adrhc.go.ro

sftp location syntax
sftp://username@adrhc.go.ro/home/username

#50: Password-less ssh
see http://www.tuxradar.com/content/linux-tips-every-geek-should-know

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.