{"id":2267,"date":"2015-10-07T15:12:35","date_gmt":"2015-10-07T13:12:35","guid":{"rendered":"https:\/\/adrhc.go.ro\/wordpress\/?p=2267"},"modified":"2017-03-26T16:10:17","modified_gmt":"2017-03-26T14:10:17","slug":"ubuntu-login-with-certificate","status":"publish","type":"post","link":"https:\/\/adrhc.go.ro\/blog\/ubuntu-login-with-certificate\/","title":{"rendered":"Ubuntu: login with certificate"},"content":{"rendered":"<pre class=\"brush:bash shell;toolbar: false\">\r\n# See also https:\/\/adrhc.go.ro\/wordpress\/how-to-create-a-certificate\/ for how to create public-pub.openssh.\r\n\r\n# Configure server\r\n# Uncomment in \/etc\/ssh\/sshd_config:\r\nAuthorizedKeysFile\t%h\/.ssh\/authorized_keys\r\n# public-key in openssh format\r\ncat public-key.openssh.pem > ~\/.ssh\/authorized_keys\r\n\r\n# Configure client\r\n# id_rsa -> mandatory name\r\n#\r\n# private-key.pem.des3.bitvise must start similar to:\r\n# -----BEGIN RSA PRIVATE KEY-----\r\n# Proc-Type: 4,ENCRYPTED\r\n# DEK-Info: DES-EDE3-CBC,26D2920A0A1A7AA6\r\n#\r\n# it's not ok if starts with:\r\n# -----BEGIN ENCRYPTED PRIVATE KEY-----\r\ncp -v private-key.pem.des3.bitvise .ssh\/id_rsa\r\n# in order to connect with Remmina + ssh you also need the public key:\r\n# public-key in openssh format\r\ncp -v public-key.openssh.pem .ssh\/id_rsa.pub\r\n\r\n# ERROR \"key_load_public: invalid format\"\r\n# SOLUTION\r\nssh-keygen -f ~\/.ssh\/id_rsa -y > ~\/.ssh\/id_rsa.pub\r\n\r\n# fix ssh permissions\r\ncd $HOME\r\nsudo chown -Rv $USER: .ssh\r\nsudo chmod -v 700 .ssh\r\nsudo chmod -v 600 .ssh\/*\r\nif [ \"`members $USER`\" != \"$USER $USER\" ]; then\r\n\techo -e \"\\nMake sure only $USER is the member of group $USER!\"\r\n\techo \"Actual setup is: `members $USER`\"\r\nfi\r\n\r\n# ERROR\r\n# \"sign_and_send_pubkey: signing failed: agent refused operation\r\n# Permission denied (publickey).\"\r\n# SOLUTION\r\n# http:\/\/askubuntu.com\/questions\/762541\/ubuntu-16-04-ssh-sign-and-send-pubkey-signing-failed-agent-refused-operation\r\ncd ~\/.ssh\r\nssh-add\r\nssh-add -l\r\n<\/pre>\n<pre>\r\n<strong>restart ssh service<\/strong>\r\nsudo systemctl restart ssh\r\nsudo systemctl status ssh\r\n\r\n<strong>login with ssh<\/strong>\r\nssh gigi@adrhc.go.ro\r\n\r\n<strong>sftp location syntax<\/strong>\r\nsftp:\/\/username@adrhc.go.ro\/home\/username\r\n\r\n<strong>#50: Password-less ssh<\/strong>\r\nsee <a href=\"http:\/\/www.tuxradar.com\/content\/linux-tips-every-geek-should-know\" target=\"_blank\">http:\/\/www.tuxradar.com\/content\/linux-tips-every-geek-should-know<\/a>\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p># See also https:\/\/adrhc.go.ro\/wordpress\/how-to-create-a-certificate\/ for how to create public-pub.openssh. # Configure server # Uncomment in \/etc\/ssh\/sshd_config: AuthorizedKeysFile %h\/.ssh\/authorized_keys # public-key in openssh format cat public-key.openssh.pem > ~\/.ssh\/authorized_keys # Configure client # id_rsa -> mandatory name # # private-key.pem.des3.bitvise must start [&hellip;]<\/p>\n<div class=\"link-more\"><a href=\"https:\/\/adrhc.go.ro\/blog\/ubuntu-login-with-certificate\/#more-2267\" class=\"more-link\">Continue reading &#10142; <span class=\"screen-reader-text\">Ubuntu: login with certificate<\/span><\/a><\/div>","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[38,8,11,33],"tags":[],"class_list":["post-2267","post","type-post","status-publish","format-standard","hentry","category-centos","category-howto","category-linux","category-ubuntu"],"_links":{"self":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts\/2267","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/comments?post=2267"}],"version-history":[{"count":0,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/posts\/2267\/revisions"}],"wp:attachment":[{"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/media?parent=2267"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/categories?post=2267"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adrhc.go.ro\/blog\/wp-json\/wp\/v2\/tags?post=2267"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}