SSH keys are a means of authenticating a user to an SSH server without using a password. Each 'key' is actually a key pair consisting of a public key and a private key. Keys are more secure than passwords because they are significantly more complex.
Create a key pair on the Mac you are using; put both idrsa.pub and idrsa into /.ssh and run chmod 600 idrsa; append the generated public key (idrsa.pub) to.ssh/authorizedkeys on the remote machine (your server in this case). If you are allowed to login in via ssh using a password, use. When you generate your keys, you will use ssh-keygen to store the keys in a safe location so you can bypass the login prompt when connecting to your server. To generate SSH keys in Mac OS X, follow these steps: Enter the following command in the Terminal window. Ssh-keygen -t rsa This starts the key generation process. How to use PuTTY SSH keys with the built-in OpenSSH. If you have a PuTTY.ppk format private key and want to use it with the built-in OpenSSH on Mac on the command line or in scripts, you can use the following commands. First, install PuTTY for Mac using brew install putty or port install putty (see below). There are many options of running the SSH on Macs, however we recommend running this from the terminal command line as this is the easiest. To get started, you need to open the Terminal application which is found in Applications Utilities Directory, but you can also launch this by hitting cmd+spacebar and typing 'Terminal' into the search box and then return.
If these files exist, then you have already created SSH keys. You can overwrite the keys with the following commands, or skip this step and go to configuring SSH keys to reuse these keys. Create your SSH keys with the ssh-keygen command from the bash prompt. This command will create a 2048-bit RSA key for use with SSH.
While a password of eight characters is 72 bits long, SSH keys are often 2048 bits or longer. This longer string has many more possible permutations and therefore takes much more time to crack with a brute force attack.
If you require SSH access for multiple users, the use of SSH keys instead of individual logins can bypass many of the headaches involved in user management without violating PCI DSS. See What are the advantages of using SSH keys to control access for multiple users? for details.
Method
The process involves generating a pair of SSH key files containing a private key and a public key. The private key is known only to the user's computer; the public key will be known to the server. Each key is useless without the other; therefore, only individuals with both the private and the public key can gain access to the server, and the private key is never revealed to the server.
Users should take special care to not lose the private key. A lost private key cannot be replicated; therefore, the user cannot access the server until an administrator generates a new key pair. If you lose access to your server due to a lost key, contact our Support Team for assistance. Miro board download.
1: Create and save the SSH key files
- Issue the ssh-keygencommand; see the example below:
- The keys save to the default location or, if one was specified, in a separate file. Choose one:
- If you do want a passphrase, type it now and hit Enter. Type the passphrase again when prompted.
- If you do not want a passphrase, hit Enter twice in succession without entering a passphrase.
- If you do want a passphrase, type it now and hit Enter. Type the passphrase again when prompted.
- You will now see the identification fingerprint for the SSH key. This image is automatically generated.
2: Transfer the public key file to the receiving server
- If you are a Nexcess Cloud client, log in to your Client Portal to add the key. If you cannot find your login credentials, either click Forgot Password? on the login page, or contact our 24/7 support team.
- If you are not a Nexcess Cloud client, the easiest method-of-transfer uses the ssh-copy-id command. Run the ssh-copy-idcommand with the same arguments used for connecting to the server using the sshcommand:
Mac Ssh Public Key
3:Test the connection
- Issue the following command:
- Select Yes to accept the key fingerprint.
- Attempt to log in to the server. If ssh key authentication is functioning properly, you will log in successfully.
- If prompted, type the passphrase created in 1: Create and save the SSH key files.
For 24-hour assistance any day of the year, contact our support team by email or through your Client Portal.
Overview
To use SSH keys on IU Sitehosting, follow the instructions for your OS.
authorized_keys
file in the .ssh
directory in your account. Any manual changes made to this file will be purged.Generate SSH keys on Linux/Mac
- Generate a public/private key pair:
- Log in to the computer you will use to access Sitehost, and then use the command line to generate a key pair. To generate RSA keys, on the command line, enter:
- You will be prompted to supply a filename (for saving the key pair) and a passphrase (for protecting your private key):
- Filename: To accept the default filename and location for your key pair, press
Enter
orReturn
without entering a filename. Alternatively, you can enter a filename (for example,my_ssh_key
) at the prompt, and then pressEnter
orReturn
. - Passphrase: Enter a passphrase that contains at least five characters, and then press
Enter
orReturn
. If you pressEnter
orReturn
without entering a passphrase, your private key will be generated without password protection.
- Filename: To accept the default filename and location for your key pair, press
- Once the key pair has been generated, navigate to the location where you saved the public key.
- Copy the contents of your public key (this is the file with the
.pub
extension). - Once you copy the contents of your public key, see Add a public key to IU Sitehosting below.
Generate SSH keys on Windows
Create Ssh Key Mac
- Install PuTTY. The PuTTY command-line SSH client, the PuTTYgen key generation utility, the Pageant SSH authentication agent, and the PuTTY SCP and SFTP utilities are packaged together in a Windows installer available under The MIT License for free download from the PuTTY development team.
- Launch PuTTYgen.
- In the 'PuTTY Key Generator' window, under 'Parameters':
- For 'Type of key to generate', select RSA. (In older versions of PuTTYgen, select SSH2-RSA.)
- For 'Number of bits in a generated key', leave the default value (
2048
).
- Under 'Actions', click Generate.
- When prompted, use your mouse (or trackpad) to move your cursor around the blank area under 'Key'; this generates randomness that PuTTYgen uses to generate your key pair.
- When your key pair is generated, PuTTYgen displays the public key in the area under 'Key'. In the 'Key passphrase' and 'Confirm passphrase' text boxes, enter a passphrase to passphrase-protect your private key.If you don't passphrase-protect your private key, anyone with access to your computer will be able to SSH (without being prompted for a passphrase) to your account on any remote system that has the corresponding public key.
- Right-click in the 'Public key for pasting into OpenSSH authorized_keys file' text box, choose Select All, and then right-click in the text box again and select Copy.
- Save your private key in a safe place. You'll use the passphrase any time you log into a Sitehost server using SSH keys, and you'll need to copy the public key to your profile on the WebTech website. To save your private key:
- Under 'Actions', next to 'Save the generated key', click Save private key.If you didn't passphrase-protect your private key, the utility will ask whether you're sure you want to save it without a passphrase. Click Yes to proceed or No to go back and create a passphrase for your private key.
- Keep 'Save as type' set to PuTTY Private Key Files (*.ppk), give the file a name (for example,
putty_private_key
), select a location on your computer to store it, and then click Save. - If you wish to connect to a remote desktop system such as Research Desktop (RED), click Conversions > Export OpenSSH key, give the file a name (for example,
putty_rsa
), select a location on your computer to store it, and then click Save.
- Under 'Actions', next to 'Save the generated key', click Save private key.
If you no longer have the public key, or if it is later determined to be invalid, use the following steps to obtain a public key:
To use SSH keys on IU Sitehosting, follow the instructions for your OS.
authorized_keys
file in the .ssh
directory in your account. Any manual changes made to this file will be purged.Generate SSH keys on Linux/Mac
- Generate a public/private key pair:
- Log in to the computer you will use to access Sitehost, and then use the command line to generate a key pair. To generate RSA keys, on the command line, enter:
- You will be prompted to supply a filename (for saving the key pair) and a passphrase (for protecting your private key):
- Filename: To accept the default filename and location for your key pair, press
Enter
orReturn
without entering a filename. Alternatively, you can enter a filename (for example,my_ssh_key
) at the prompt, and then pressEnter
orReturn
. - Passphrase: Enter a passphrase that contains at least five characters, and then press
Enter
orReturn
. If you pressEnter
orReturn
without entering a passphrase, your private key will be generated without password protection.
- Filename: To accept the default filename and location for your key pair, press
- Once the key pair has been generated, navigate to the location where you saved the public key.
- Copy the contents of your public key (this is the file with the
.pub
extension). - Once you copy the contents of your public key, see Add a public key to IU Sitehosting below.
Generate SSH keys on Windows
Create Ssh Key Mac
- Install PuTTY. The PuTTY command-line SSH client, the PuTTYgen key generation utility, the Pageant SSH authentication agent, and the PuTTY SCP and SFTP utilities are packaged together in a Windows installer available under The MIT License for free download from the PuTTY development team.
- Launch PuTTYgen.
- In the 'PuTTY Key Generator' window, under 'Parameters':
- For 'Type of key to generate', select RSA. (In older versions of PuTTYgen, select SSH2-RSA.)
- For 'Number of bits in a generated key', leave the default value (
2048
).
- Under 'Actions', click Generate.
- When prompted, use your mouse (or trackpad) to move your cursor around the blank area under 'Key'; this generates randomness that PuTTYgen uses to generate your key pair.
- When your key pair is generated, PuTTYgen displays the public key in the area under 'Key'. In the 'Key passphrase' and 'Confirm passphrase' text boxes, enter a passphrase to passphrase-protect your private key.If you don't passphrase-protect your private key, anyone with access to your computer will be able to SSH (without being prompted for a passphrase) to your account on any remote system that has the corresponding public key.
- Right-click in the 'Public key for pasting into OpenSSH authorized_keys file' text box, choose Select All, and then right-click in the text box again and select Copy.
- Save your private key in a safe place. You'll use the passphrase any time you log into a Sitehost server using SSH keys, and you'll need to copy the public key to your profile on the WebTech website. To save your private key:
- Under 'Actions', next to 'Save the generated key', click Save private key.If you didn't passphrase-protect your private key, the utility will ask whether you're sure you want to save it without a passphrase. Click Yes to proceed or No to go back and create a passphrase for your private key.
- Keep 'Save as type' set to PuTTY Private Key Files (*.ppk), give the file a name (for example,
putty_private_key
), select a location on your computer to store it, and then click Save. - If you wish to connect to a remote desktop system such as Research Desktop (RED), click Conversions > Export OpenSSH key, give the file a name (for example,
putty_rsa
), select a location on your computer to store it, and then click Save.
- Under 'Actions', next to 'Save the generated key', click Save private key.
If you no longer have the public key, or if it is later determined to be invalid, use the following steps to obtain a public key:
- Launch PuTTYgen.
- Click Load.
- Navigate to your private key and click Open.
- In the PuTTYgen pop-up window, enter the passphrase.
- Right-click in the 'Public key for pasting into OpenSSH authorized_keys file' text box, choose Select All, and then right-click in the text box again and select Copy.
- Select File > Exit to close PuTTYgen.
Add a public key to IU Sitehosting
- Go to the IU Sitehosting account management.
- At the top right, click Sign in, and, if prompted, log in with your IU username and passphrase.
- At the top right, click your name. When you see the dropdown menu, click Manage SSH Keys.
- Under 'Manage SSH keys':
- In the 'Note' field, enter a short description.
- In the 'Public Key' field, paste the public key you copied in step 7 above.
- Click Add. If the public key is valid, it will be added to your profile. Within 30 minutes, the public key will be added to all Sitehost-test and Sitehost accounts that you own, or for which you are a proxy or developer.