mirror of
https://expo.survex.com/repositories/expoweb/.git/
synced 2025-01-18 08:52:37 +00:00
remove obsolete <tt> tag, update to HTML5
This commit is contained in:
parent
4bb6fac7af
commit
b792370878
@ -20,7 +20,7 @@
|
||||
|
||||
<p>Explanation of <a href="https://www.ssh.com/ssh/keygen/">key-pairs and the ssh-keygen command</a>.</p>
|
||||
|
||||
<p>A public key file looks like this: <tt>ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApc9+PAMrDtWa8D8/ZneLP2X9UOYmTITAhTd2DRs8SE+NDgis5pYo/Xhtbrg86ePMAC2YM5xAkYx3jNA/VZ/PkB3gTzYJW3T/zTH+cc7YeWhy9l1zIMaYqeyvw7FxeSBaR4XoLPVtVUlai8DUDiWAEm7VvOKj1n68z1LxVh1MZXLm7btckf6fske2YU9UpjqT++AURQvFheRJ4la7KBJ7LXZ3A/TQ7HQaTpqmcQKCiRj/yZ5FNHxBk0M+ShbHUtz1GhXRCMJ3LZHaw24OJyVJ8YNzBiStBb1qcWCXX7HR9CUNhz7tA5HZyc1lau/1vwk8MSe93lyyLntzJKkqmkW/cQ== wookey@kh</tt>i.e. a long string of characters with 'ssh-rsa' at the start and an ID at the end (often 'user'@'machine').</p>
|
||||
<p>A public key file looks like this: <code>ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApc9+PAMrDtWa8D8/Z<em>..lots more like this..</em>qmkW/cQ== wookey@kh</code>i.e. a long string of characters with 'ssh-rsa' at the start and an ID at the end (often 'user'@'machine').</p>
|
||||
|
||||
<h3>Windows</h3>
|
||||
<p>On a Windows machine use
|
||||
@ -37,15 +37,18 @@
|
||||
|
||||
<h3>Linux</h3>
|
||||
<ol>
|
||||
<li>You need openssh-client installed - it's it extremely likely to already be installed. If not (as root/with sudo) <tt>apt install openssh-client</tt>.</li>
|
||||
<li>You may already have a key on this machine. If you already have <tt>~/.ssh/id_rsa.pub</tt>, then send that.</li>
|
||||
<li>If not, run <tt>ssh-keygen</tt>. It may ask about passwords: you can add a password for extra
|
||||
<li>You need openssh-client installed - it's it extremely likely to already be installed. If not (as root/with sudo)
|
||||
<code><font color="darkred">$</font> sudo apt install openssh-client</code>.</li>
|
||||
<li>You may already have a key on this machine. If you already have <var>~/.ssh/id_rsa.pub</var>, then send that.</li>
|
||||
<li>If not, run
|
||||
<code><font color="darkred">$</font> ssh-keygen</code>
|
||||
It may ask about passwords: you can add a password for extra
|
||||
security, but a passwordless key is fine, and more convenient.</li>
|
||||
<li>That will create a file called (by default) <tt>.ssh/id_rsa.pub</tt> in your home directory. Email that file to one of the admins listed above. </li>
|
||||
<li>That will create a file called (by default) <var>.ssh/id_rsa.pub</var> in your home directory. Email that file to one of the admins listed above. </li>
|
||||
</ol>
|
||||
<p>This is an example of the whole interaction where the key file has been given a different name:
|
||||
<pre>
|
||||
<code>$ <b>ssh-keygen -C "philip@muscogee-wsl"</b>
|
||||
<code><font color="darkred">$</font> <b>ssh-keygen -C "philip@muscogee-wsl"</b>
|
||||
Generating public/private rsa key pair.
|
||||
Enter file in which to save the key (/home/philip/.ssh/id_rsa): <b>id_rsa_wsl</b>
|
||||
Enter passphrase (empty for no passphrase):
|
||||
@ -66,12 +69,12 @@ The key's randomart image is:
|
||||
|B o . |
|
||||
|oo |
|
||||
+----[SHA256]-----+
|
||||
$
|
||||
<font color="darkred">$</font>
|
||||
</code>
|
||||
</pre>
|
||||
<p>This will enable ssh login instantly. Check that it has worked by logging in to the expo server like this:
|
||||
<code>
|
||||
$ <b>ssh expo@expo.survex.com</b>
|
||||
<font color="darkred">$</font> <b>ssh expo@expo.survex.com</b>
|
||||
</code>
|
||||
<h4>If it didn't work</h4>
|
||||
<p>You may get this response if the public key has not been loaded properly on the server or if your laptop has not loaded the secret key properly.
|
||||
@ -82,18 +85,18 @@ expo@expo.survex.com: Permission denied (publickey).
|
||||
<li>Check that <var>ssh-keygen</var> has put both files into your Linux home <var>.ssh</var> folder on your laptop,
|
||||
if not, then move them there:
|
||||
<code>
|
||||
$ mv id_rsa_wsl* ~/.ssh
|
||||
<font color="darkred">$</font> mv id_rsa_wsl* ~/.ssh
|
||||
</code>
|
||||
where <b>id_rsa_wsl</b> is the 'file in which to save the key' you specified above.
|
||||
<br><br></li>
|
||||
<li>Check that the ssh agent process is running and fix it if it is not (full details of how to do this
|
||||
give at <a href="https://www.ssh.com/academy/ssh/agent">www.ssh.com/academy/ssh/agent</a>)
|
||||
<code>
|
||||
$ ssh-add -l
|
||||
<font color="darkred">$</font> ssh-add -l
|
||||
</code>
|
||||
and if the process is not running, start it like this
|
||||
<code>
|
||||
$ eval `ssh-agent`
|
||||
<font color="darkred">$</font> eval `ssh-agent`
|
||||
</code>
|
||||
Check that the key is loaded by running <var>ssh-add -l</var> and then test that you can login again.
|
||||
|
||||
@ -124,22 +127,23 @@ documentation</a>, start from scratch, and do it all again but this time using a
|
||||
<ol>
|
||||
<li>On your new machine, generate a key-pair. Since you are probably using a different operating system on your second machine, read the instructions above for the relevant OS. Yes you will be generating a new key. Do not re-use the key you had already.
|
||||
<li>This time though, you will want to be sure that the key has a meaningful label. On Linux this means something like this:
|
||||
<tt> ssh-keygen -C "anathema.device@crowley"</tt>
|
||||
<code><font color="darkred">$</font> ssh-keygen -C "anathema.device@crowley"</code>
|
||||
(if your name is Anathema Device and your new machine is "crowley"). Just click through the questions it asks accepting the defaults. It will tell you what the key files are called and where it has put them.
|
||||
<li>
|
||||
If you accepted the defaults, the public key will be called <span style="font-family:monospace; size=x-small; background-color: lightgray">id_rsa.pub</span> and it will be in <span style="font-family:monospace; size=x-small; background-color: lightgray">~/.ssh/</span> - check that this is the case.
|
||||
If you accepted the defaults, the public key will be called <var>~/.ssh/</var> - check that this is the case.
|
||||
<li>Now copy the public key file to your <em>first machine</em>, the one that is already set up with a working key-pair setup with the expo server. Using email to yourself is easiest.
|
||||
<li>Now upload the public key using sFTP (Filezilla configured to use sFTP, which uses Pageant by default) to <span style="font-family:monospace; size=x-small; background-color: lightgray">expo.survex.com/home/expo/.ssh/keys/</span>
|
||||
<li>Now upload the public key using sFTP (Filezilla configured to use sFTP, which uses Pageant by default) to
|
||||
<var>expo.survex.com/home/expo/.ssh/keys/</var>
|
||||
<li>Now login to the expo server on your first machine and do these commands:<br />
|
||||
Be <b>extremely careful</b> to type ">>" and not ">" in the fourth line below otherwise you will delete <i>everyone's</i> logins.
|
||||
<tt><font color=red">$</font> ssh expo@expo.survex.com
|
||||
<code><font color="darkred">$</font> ssh expo@expo.survex.com
|
||||
<br /><font color=blue">expo@expo:~$</font> cd .ssh
|
||||
<br /><font color=blue">expo@expo:~$</font> cp -p authorized_keys authorized_keys.backup
|
||||
<br /><font color=blue">expo@expo:~/.ssh$</font> cat keys/id_rsa.pub >>authorized_keys
|
||||
<br /><font color=blue">expo@expo:~/.ssh$</font> tail -n 1 authorized_keys
|
||||
</tt>
|
||||
</code>
|
||||
This adds your key on to the end of the authorized keys list and prints the last line - which should be your key that you just added.
|
||||
<li>Now your public key is installed for your second machine. You check that it works by logging into the expo server using ssh from your second machine: <em>ssh expo@expo.survex.com </em>.
|
||||
<li>Now your public key is installed for your second machine. You check that it works by logging into the expo server using ssh from your second machine: <var>ssh expo@expo.survex.com </var>.
|
||||
</p>
|
||||
<p>Note that by using sFTP like this we avoid having to use a text editor over ssh. If you know what you are doing you can do this of course, but the above process is less likely to cause problems for a Windows user setting up their phone as a second device where they are not experienced with vi or nano.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user