SSH Password Auth.

[mickalo]

Hello,

If we enable the "SSH Password Auth" I assume I need to generate the private/public keys in order to login via SSH shell.

I use Vandyke's SecureCRT & SecureFTP which generates it's own pub/private keys. Would I need to import them via the "Manage Keys" import function, then these would be used when I log in as root via the shell if we enable the SSH Password Auth?

What do we need to do to allow anyone else login via the shell ... do we need to import separate pub/private keys for each person we allow shell access? As we sometimes need a outside service to work on the server from time to time, which requires root access via the shell?

Not real clear how this SSH Password Auth actual works with the pub/private keys and where they would be stored on the server. Are they all stored in the /root/.ssh folder?

TIA,
Mickalo

 

[chirpy]

Here's a handy guide that uses putty as the client, but you should get the idea:
http://www.unixwiz.net/techtips/putty-openssh.html#keypair

Basically, you or anyone else logging in over SSH have their own private/public key pair generated on their PC SSH client. You must then put the public key generated in the client into the servers /root/.ssh/authorized_keys2 file. That's it.

So for 3rd parties you need to ask them for their SSH public key to add to the server file to allow them access.

 

[mickalo]

Here's a handy guide that uses putty as the client, but you should get the idea:
http://www.unixwiz.net/techtips/putty-openssh.html#keypair

Basically, you or anyone else logging in over SSH have their own private/public key pair generated on their PC SSH client. You must then put the public key generated in the client into the servers /root/.ssh/authorized_keys2 file. That's it.

So for 3rd parties you need to ask them for their SSH public key to add to the server file to allow them access.

so your saying the ALL the pub keys are stored in one file, the authorized_keys2 ?? Is there a specific format that each of these pub keys are appended to this file??

Thx's
Mickalo

 

[mickalo]

Well maybe someone may come up with a "How To" through for Cpanel/Whm in the future .. seems like a real hassle to set this up.

Mickalo

 

[HostMerit]

Quite easy, generate a key with something such as putty-gen, and create the file if it doesnt exist: /root/.ssh/authorized_keys and put the public version of the key in, on one line.

Then use the private saved key version to access the server through a SSH client.

PuTTY and PuTTY-gen can be downloaded at: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

 

[kilroy]

Where do I find the Manage SSH Keys feature? It doesn't show on my WHM menus.

Roger

 

[mickalo]

Quite easy, generate a key with something such as putty-gen, and create the file if it doesnt exist: /root/.ssh/authorized_keys and put the public version of the key in, on one line.

Then use the private saved key version to access the server through a SSH client.

PuTTY and PuTTY-gen can be downloaded at: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Ok, I'll give it a try. I use Vandyke's SecureCRT which also generates these keys. wouldn't those also work?

Then each public key has to be on it's own single line then? What about multiple pub keys, one on each line?

Mickalo

 

[chirpy]

Yes, each public key goes on a separate line within the file.

 

[flash7]

Manage SSH Keys don't work?