Difference between revisions of "SSH"

From VUB Hosting
Jump to: navigation, search
(Creating an SSH Key Pair with Putty)
(Creating an SSH Key Pair with Putty)
Line 29: Line 29:
 
#* Go to the Windows Start menu -> All Programs -> PuTTY and open PuTTYgen
 
#* Go to the Windows Start menu -> All Programs -> PuTTY and open PuTTYgen
 
[[File:img1_puttygen_at_startup.png]]
 
[[File:img1_puttygen_at_startup.png]]
  +
#* Select the correct type of SSH key to generate as indicated with a red box in the image below
  +
[[File:img1.2_puttygen_at_startup_type_key.png]]
 
#* Click the 'Generate' button and PuTTYgen will ask you to make some random movement with your mouse until it has enough random data to generate a secure key for you
 
#* Click the 'Generate' button and PuTTYgen will ask you to make some random movement with your mouse until it has enough random data to generate a secure key for you
 
[[File:img2_puttygen_at_generating.png]]
 
[[File:img2_puttygen_at_generating.png]]

Revision as of 11:30, 17 October 2018

SSH (EN)

Introduction

SSH means "Secure shell". Using SSH, it is possible access a command line on the web server. Using SSH has many afvantages: it is lightweight, it is designed with security as the most important criterium, it is supported on many platforms, and it is a well known method to manage computer systems from a distance.

for you, as a web hosting user, SSH is especially useful if you:

  • want to modify cron jobs yourself
  • have written scripts to automate certain aspects of your site
  • wish to use programs such as Drush or wp-cli

Logging in without passwords

Logging in without passwords sounds contradictory, but off course doesn't mean we let users log on without authentication. We just use another mechanism to do so: public key authentication. Put in layman's terms, you need a so called "key pair", which consist of two parts - two separate files.

  • a private key, which is yours, personal, and secret. Keep it on your computer and never copy it anywhere else.
  • a public key, which does not contain any secrets, and which you can send worrylessly out into the world.

A key pair can be generated on any computer with the correct software (see below). Then, send us the public key, and we will add it to your account. People who don't have a private key which matches the public key linked to your account will not be able to log on.

For more in depth background information, see ssh.com.

Microsoft Windows

Creating an SSH Key Pair with Putty

PuTTY is a Free Open Source Software (FOSS) solution for Windows that allows Windows users to generate SSH keys and use them to access Linux servers via an SSH connection.

  1. Download and run the PuTTY "Installer" from this page: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
  2. Generate a private and public key pair:
    • Go to the Windows Start menu -> All Programs -> PuTTY and open PuTTYgen

Img1 puttygen at startup.png

    • Select the correct type of SSH key to generate as indicated with a red box in the image below

Img1.2 puttygen at startup type key.png

    • Click the 'Generate' button and PuTTYgen will ask you to make some random movement with your mouse until it has enough random data to generate a secure key for you

Img2 puttygen at generating.png Img3 puttygen at generating finished.png

    • Click the 'Save private key' button and save the resulting file somewhere safe and only accessible by you!
  1. Export Public key to the Linux server:

In the grey box at the top, entitled 'Public key for pasting into OpenSSH authorized_keys file' (in the picture below what is highlighted in the red box), there will be a string of characters.

Img4 puttygen at generating highlight copy.png

Copy all of this string into an email and send it to your contact person at VUB helpdesk, as per the opening instruction on this page.

That's it, you're done!

Setting Up an SSH Session with SSH Keys in PuTTY

When you recieve a confirmation from the hosting team that your public key has been added to your website on the webserver, we can use PuTTY (or whatever application that can use ssh with public keys) to connect to it. We will do this by setting up and saving a session. This way we will be able to quickly reconnect at a later time with all of our settings saved.

Open PuTTY and click on the plus sign of the "SSH" category in the navigation menu:

Img1 ssh tree putty.png

Within this category, click on the "Auth" sub-category. There is a field on this screen asking for the "Private key file for authentication". Click on the "Browse" button:

Img2 ssh menu putty.png

Search for the private key file that you saved. This is the key that ends in ".ppk". Find it and select "Open" in the file window:

Img3 ssh key select.png

Next, in the Navigation menu, click on the plus sign of the “Connection” category. You will see a sub-menu with a sub-category “data”. Click on “Data” and then fill in the text box like here below.

Img4 ssh login.png

The user to fill in is “<username>”

Img5 ssh login full.png

Now, in the navigation menu, we need to return to the "Session" category screen that we started at. This time, we need to create a name for the session that we will be saving. This can be anything, so select something that will help you remember what this is for.

Img6 ssh client.png

When you are finished, click on the "Save" button.

Img7 ssh client2.png

You now have saved all of the configuration data needed to connect to your new server.

Connect to Your Server Using the Saved PuTTY Session Now that you have your session saved, you can recall these values at any time by returning to the "Session" screen, selecting the session you would like to use in the "Saved Sessions" section, and click "Load" to recall the settings. This will auto-fill all of the fields with the values you initially selected. When you are ready to actually connect to your server, on the "Sessions" screen, click the button at the bottom that says "Open" after you have loaded your session:

Img8 ssh open.png

The first time that you connect with the remote host, you will be asked to verify the identity of the remote server. This is expected the first time you connect to a new server, so you can select "Yes" to continue.

Img9 ssh warning.png

Afterwards, you should immediately be logged into your new server without ever having to type in a password If you've gotten this far, you've successfully configured SSH keys with your web server!

Linux

Creating an SSH key pair with ssh-keygen

Most Linux distributions come with OpenSSH included. First of all, open a terminal window.

  1. To install it, use these commands:
    • on Debian, Ubuntu, or Mint:
      $ sudo apt-get install openssh-client
    • on Fedora, CentOS, or Red Hat Enterprise Linux:
      # yum install openssh openssh-clients
  2. Type the following command:
    $ ssh-keygen
    You can accept the default file locations (.ssh/id_rsa and .ssh/id_rsa.pub in your home directory for the private and public key, respectively), and optionally enter a password (this is recommended to prevent someone who steals your data or computer from abusing your private key).
  3. send us the public key! hint: .ssh is a hidden directory...

Logging on to the web server using SSH

This is going to be a very short tutorial:

 $ ssh <username>@<servername>

If you don't get any errors and a prompt appears, saying

 user@morse ~$ 

then you are logged in!

SSH (NL)

Inleiding

SSH staat voor Secure Shell. Met SSH is het mogelijk een remote commandolijn te krijgen op onze webserver. SSH heeft tal van voordelen: het is licht in gebruik, ontworpen met veiligheid als belangrijkste vereiste, ondersteund op vele platformen, en een goed ingeburgerde manier om op afstand systemen te beheren.

SSH is voor u als hosting-gebruiker vooral nuttig indien u:

  • zelf cron jobs wil aanpassen
  • scripts hebt geschreven die bepaalde aspecten van uw site automatiseren
  • u met programma's als Drush of wp-cli wenst te werken
  • ...