287
edits
Changes
From Amahi Wiki
no edit summary
This will allow you to safely login using SSH onto your HDA without having to provide a password every time.
== KeyWindows -Based SSH Logins with OS X's Terminal.app =PuTTY=
Download the following files from the [http://www.chiark.greenend.org.uk/%7Esgtatham/putty/download.html PuTTY download] page and save them on your Windows system, e.g. on the desktop:
Both files are self contained executables. That is: they do not install anything but run from where they are saved.
In PuTTY, you can create profiles for connections to your various SSH servers, so you don't have to type in the settings again when you want to connect to a certain server again.
Now you are on your 'Sessions' screen lets open our session by pressing open. You should see:
Here we can use PuTTYgen to create a private/public key pair. Start it by double-clicking its executable file. Make sure you select SSH-2 RSA under Type of key to generate and specify 1024 as the Number of bits in a generated key. Then click on Generate:
Now we must transfer the public key to our Amahi HDA server. Copy the key from the PuttyGEN window:
Close down your shell to your HDA and restart ''putty'' and load your ''192.168.1.67'' profile
Now on our puuty PuTTY sessions screen load your '''192.168.1.67''' profile and press ''Open''. You should get:
[[Image:Red-S12.png]]
[[Image:Red-S12a.png]]
=Mac OS X - Terminal.app=
==Open Terminal.app==
You can find Terminal.app in your Applications > Utilities folder.
==Generating a public/private key pair==
Execute the following command, in Terminal.app:
<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
ssh-keygen -t rsa</div>
Accept all the defaults values (by hitting ENTER) to the questions you'll be asked.
==Save the public key on our Amahi server==
Now we must transfer the public key to our Amahi HDA server.
Execute the following command, in Terminal.app:
<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">
scp ~/.ssh/id_rsa.pub your_username@hda:.</div>
Replace ''your_username'' with the username you created on Fedora.<br/>
If your HDA is not yet setup, you might have to replace ''hda'' by your HDA' IP address too.<br/>
When prompted, enter the associated password.
Then, we must copy that public key into the ''authorized_keys'' file.
<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">ssh your_username@hda<br />
mkdir ~/.ssh<br />
chmod 700 ~/.ssh<br />
mv id_rsa.pub .ssh/authorized_keys2</div>
Now to make that file accessible by only the user
<div style="border: 1px solid #A3B1BF; padding: .5em 1em; color: #000; background-color: #E6F2FF; margin: 3px 3px 1em 3px;">chmod 600 ~/.ssh/authorized_keys2</div>
=Linux=
Follow the [[#Mac_OS_X_-_Terminal.app|Mac OS X instructions]], but use a standard terminal (Applications > System Tools > Terminal in Fedora).
Up to now, you can log in with your private/public key pair and still with username/password logins, so if someone doesn't attach a private key to his PuTTY session, he will be asked for a username and password. So to achieve a better security, we must disable the username/password logins (you should do this only when you know that your key-based logins are working, because if they aren't and you disable username/password logins, then you have a problem...).
