expoweb/handbook/computing/keyexchange.html

52 lines
3.0 KiB
HTML
Raw Normal View History

2019-07-17 12:23:45 +01:00
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Handbook placeholder page</title>
<link rel="stylesheet" type="text/css" href="../../css/main2.css" />
</head>
<body>
<h2 id="tophead">CUCC Expedition Handbook</h2>
<h1>Cryptographic Key Exchange</h1>
<p>As of the server move in spring 2019 you need authorisation on the expo server to log in. This takes the form of an ssh key. You generate it on the machine you use for access, then send the public half to the server.</p>
2019-07-17 12:23:45 +01:00
<p>'ssh' is 'secure shell' and is widely used for secure access to machines and services.</p>
2019-07-17 12:23:45 +01:00
<h2>What do I need to do?</h2>
2019-08-19 16:33:14 +01:00
<p>You will need to run ssh-keygen/PuTTYgen on your device, email the public key to someone who already has ssh access (Wookey, Paul Fox, Philip Sargent, Sam Wenham). Once installed by them you should be able to log in as 'expo' over ssh (and other software like tortoise will also use this behind the scenes). This only needs doing once (for any machine you want access from).</p>
<p>Explanation of how <a href="https://www.ssh.com/ssh/keygen/">ssh keys</a> work.</p>
2019-08-19 16:33:14 +01:00
<p>A public key file looks like this: <tt>ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApc9+PAMrDtWa8D8/ZneLP2X9UOYmTITAhTd2DRs8SE+NDgis5pYo/Xhtbrg86ePMAC2YM5xAkYx3jNA/VZ/PkB3gTzYJW3T/zTH+cc7YeWhy9l1zIMaYqeyvw7FxeSBaR4XoLPVtVUlai8DUDiWAEm7VvOKj1n68z1LxVh1MZXLm7btckf6fske2YU9UpjqT++AURQvFheRJ4la7KBJ7LXZ3A/TQ7HQaTpqmcQKCiRj/yZ5FNHxBk0M+ShbHUtz1GhXRCMJ3LZHaw24OJyVJ8YNzBiStBb1qcWCXX7HR9CUNhz7tA5HZyc1lau/1vwk8MSe93lyyLntzJKkqmkW/cQ== wookey@kh</tt>i.e. a long string of characters with 'ssh-rsa' at the start and a 'user'@'machine' ID at the end.</p>
<h3>Windows</h3>
<p>On a Windows machine use
2019-08-19 16:33:14 +01:00
<a href=h"ttps://www.ssh.com/ssh/putty/windows/puttygen">puttygen</a>, which is part of <a href="https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html">PuTTY</a>. You need to install that if you don't already have it.</p>
<p>Follow the Puttygen instructions, but the really short version is:
<li>Run PuTTYgen</li>
<li>Click on 'Generate'. Follow the instructions. Don't bother adding a passphrase.</li>
<li>Save the key</li>
<li>Copy all of the public key out of the window and paste that into the email. Make sure not to miss part or add newlines or otherwise mess with it.</li>
</ol>
<h3>Linux</h3>
<ol>
<li>You need openssh-client installed - it's it extremely likely to already be installed. If not (as root/with sudo) <tt>apt install openssh-client</tt>.</li>
<li>You may already have a key on this machine. If you already have <tt>~/.ssh/id_rsa.pub</tt>, then send that.</li>
<li>If not, run <tt>ssh-keygen</tt>. It may ask about passwords: you can add a password for extra
security, but a passwordless key is fine, and more convenient.</li>
<li>That will create a file: <tt>.ssh/id_rsa.pub</tt> in your home directory. Email that file to one of the admins listed above. </li>
</ol>
2019-07-17 12:23:45 +01:00
<hr />
<div id="menu">
<ul id="links">
<li><a href="../index.htm">Handbook</a>
<li><a href="../../infodx.htm">Main index</a></li>
</ul>
</div>
</body>
</html>