Setup SFTP to use public-key authentication - linux

How do you setup server to server SFTP to use public-key authentication instead of user account and password?

In the client you need to generate its public key and add it to server's authorized key list.
The following are the commands you can use.
On client machine
ssh-keygen -t dsa -f id_dsa
mv id_dsa* ~/.ssh/
scp ~/.ssh/id_dsa.pub USER_NAME#SERVER:~/.ssh/HOST_NAME.key
On the server
cat ~/.ssh/HOST_NAME.key >> ~/.ssh/authorized_keys2

Remember to
chmod 700 .ssh
and also
chmod 600 authorized_keys

This is a solution for windows users
I had a similar issue on windows so I used Putty from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
If you need to generate a public key then use:
http://the.earth.li/~sgtatham/putty/latest/x86/puttygen.exe
Then, when you want to automate a batch to download from the FTP server the Pageant in order to load the private key into session
http://the.earth.li/~sgtatham/putty/latest/x86/pageant.exe
Then use the PSFTP to connect and perform actions
http://the.earth.li/~sgtatham/putty/latest/x86/psftp.exe
So here is sample code for the batch:
!--Loading the key to session--!
#C:\pageant.exe "C:\privatekey.ppk"
!--Calling the PSFTP.exe with the uaser and sftp address + command list file--!
#C:\psftp user#your.server.address -b C:\sftp_cmd.txt
Command list file (sftp_cmd.txt) will like like this:
mget "*.*" !--downloading every thing
!--more commands can follow here
close
Now, all you need to to schedule it in scheduled tasks
*I wish it was simple as unix's cron job....

Related

In Azure, how to change the authentication of the server?

When spinning up a linux virtual machine, I have chosen the authentication type as password. Now I want to change to ssh. How to achieve this?
Thanks
You can use Azure portal to reset password, like this:
If you want to change authentication type, you can follow this steps:
1. Create an SSH key pair
ssh-keygen -t rsa -b 2048
2. rename id_rsa.put to authorized_keys
mv /home/user/.ssh/id_rsa.pub /home/user/.ssh/authorized_keys
3.Copy id_rsa to your local, then you can use this key to SSH it.

Using more than one keypair (ssh)

I've created a server on Digital Ocean and made a keypair for connection over ssh for the root user. Now it wants me to create a keypair for the new regular user I've created. What is the normal practice for naming these keys and how do I use them so the system knows which keys to use when I'm signing in to each account?
Name them however you wish to remember them; typically by user. Use the identify file option when you connect.
To connect with a file:
ssh -i /path/to/key.pem user#host
To generate a new file and save it somewhere
ssh-keygen -f /path/to/file
See man ssh && man ssh-keygen
See: https://www.freebsd.org/cgi/man.cgi?query=ssh&sektion=1
See: https://linux.die.net/man/1/ssh-keygen

Transfer files between local to remote server using ssh without password authentication

I want to transfer some files from my local to remote, like github does it. I want to happend it very smooth like in shell script. I tried creating one shell script which automates the process of ssh authentication without password but for first time it exposes my remote server password. I dont want to do it that way. Like in git we can't see their server password. Is there any possible way that we can do ?
I used this article script to automate ssh login. http://www.techpaste.com/2013/04/shell-script-automate-ssh-key-transfer-hosts-linux/
As i mentioned, you can use the scp command, like this:
scp /local_dir/some*.xml remote_user#remote_machine:/var/www/html
This requires that you need connect to the remote machine without password, only with ssh key-authentication.
Here is a link: http://linuxproblem.org/art_9.html to help you.
The important steps: (automatic login from host A / user a to Host B / user b.)
a#A:~> ssh-keygen -t rsa
a#A:~> ssh b#B mkdir -p .ssh
a#A:~> cat .ssh/id_rsa.pub | ssh b#B 'cat >> .ssh/authorized_keys'

need to make password less login for same linux server with same user

i need to make passwordless login for same linux server with same user.
[airwide#eir ~]$ hostname -i
10.3.7.73
[airwide#eir ~]$ ssh airwide#10.3.7.73
airwide#10.3.7.73's password:
how can make to passwordless for same server?
Password-free login via SSH is managed using SSH keys. You can generate a keypair using the command ssh-keygen. The ssh keypair is usually stored in ~/.ssh in a pair of files named id_rsa and id_rsa.pub. When you use SSH to connect to a server, the SSH command will look for a private key in ~/.ssh/id_rsa, and will attempt to authenticate using that key. In order to authorize the key, you will need to place the public key into your authorized_keys file:
`cat ~/./ssh/id_rsa.pub >> ~/.ssh/authorized_keys`
Once you've done that, you will be able to use SSH to connect without a password from the server where the id_rsa file is to the server that has the content of id_rsa.pub in its authorized_keys file. (You can do this for same-server, as in your question, or between multiple servers. Either way, it's the same process.)
Add server's private key in known host key under .ssh folder.
You are looking for ssh keys. You can create one by entering ssh-keygen. This wil create a public key and a private key. You place the public key on the remote server, and then you can use SSH without a password.
More details, and howto:
https://wiki.archlinux.org/index.php/SSH_keys

saving rsync password for cron jobs

I'm writing a cron job that uses rsync and ssh to sync things up, but the problem is, rsync requires password when connecting to the remote server. i need to save the rsync ssh password, so it can keep syncing without asking for the password. Is there any way to do that? or is it just impossible?
Use Generate the authentication key
http://www.debian-administration.org/article/SSH_with_authentication_key_instead_of_password
You can follow these steps to get your task done. Use commands mentioned below.
Step 1) You can use ssh-keygen -t rsa to generate RSA public key.
Step 2) ssh-copy-id -i /root/.ssh/id_rsa.pub user#destination_IP_address
( This copies the public key to remote machine , now your local machine knows your remote machine.)
( Note: make sure you are using appropriate "user" across machines. )

Resources