SECURE SSH KEY SETUP - Error in the tutorial?
-
Hi Guv,
I need to be 100% sure on something.
SECURE SSH KEY SETUP 4 LINUX: local-PC-to-remote-server: VPS BIBLE
Basically, at the beginning where it says: "ssh-keygen -t rsa"
I just hit enter, so I understood that the file would go to the /home folder, and it did, I saw it via Cyberduck.
Then fast forward to the end of the tutorial, the following doesn't look right:
"mkdir /home/username/.ssh
mv /home/username/id_rsa.pub /home/username/.ssh/authorized_keys"
I replaced the "username" as it should, and got errors;
1) mkdir /home/username/.ssh already exists...
2) mv /home/username/id_rsa.pub /home/username/.ssh/authorized_keys
Not possible because
a) id_rsa.pub is already in .ssh
b) authorized_keys folder does not exist
So
Did you mean, forgot/or was I supposed to:
Ignore mkdir /home/username/.ssh because it already existed?
Instead; Change it to mkdir /home/username/.ssh/authorized_keys instead? as this would create the folder?
3) mv /home/username/id_rsa.pub /home/username/.ssh/authorized_keys
Becomes:
4) mv /home/username/.ssh/id_rsa.pub /home/username/.ssh/authorized_keys
Please let me know, because what I "corrected" seemed to work, but I am a newbie, and I want to learn. If it is a mistake, could you please amend it?
Thank you.
PS: I am not able to do anything right now, because I am locked out, following the Firewall script!
Posted 7 months ago # -
First off you need to realize that the mv command moves the file and can also rename it at the same time as in this instance (moves and renames from id_rsa.pub to authorized_keys)... SO authorized_keys is not a folder .. it is the text file you created with nano where you should have copied the rsa key text .. It was originally named id_rsa.pub
After you understand that mv command the rest of your questions become irrelevant.
Posted 7 months ago # -
I did a video on it IVPS
Posted 7 months ago # -
Thanks Joe and Marcus,
Well, ok then, I need to go back and delete the disk again... ! Because I am sure I've messed up something else along the way, unless there is an easy way to revert back properly?
How to remove the passphrase key(s), properly, as it's probably located where it shouldn't?
Are there supposed to be 2 x id_rsa.pub keys in total, with exact same file size and names, before renaming it/them?
What is the other key called id_rsa?
At the minute, I can see via Cyberduck, inside the folder .ssh, there are 3 x files (id_rsa + id_rsa.pub + known_hosts) and one folder named authorized_keys; inside this folder there is another id.rsa.pub
Marcus, I am going to watch the video, thank you very much.
I am going to need help with the Local vs Remote login though, as I understand, Guv is a PC user, so there are some differences.
Thank you again
Posted 7 months ago # -
There is quite a lot of hair pulling involved IVPS.
But you will probably find it easier just to watch the video to understand the Mac keypair process.
Windows (and Putty) are a total distraction at this point. Macs come with their own ssh terminal. Which cuts out a lot of fiddling about.
Remote /Local is not complicated.
You have a Mac. Your Mac comes with its Operating System. That is your local system. It is different to Windows, in that you can access that system via your terminal.
When you open your terminal, it is by default set on entry to the Mac OS.
You will see some code and your computer name before the dollar sign. If you type in <ls> it will show you the files in the system. Essentially, your local computer system is your local server. (If you ran a business 5 years ago, you might have had a local server in your office).
Your remote server is your Linode. It is a server not based in your office, but over in London or Chicago or somewhere. You access it by entering its IP address.
e.g 197.76.85.165
so
Because port 22 is a default port, you don't need to enter it.
However, for security, we change some things.
So a more secure entry is
ssh hector@197.76.85.165 -p47652
keep going IVPS...it will all make sense
It actually took me weeks to wrap my head around this stuff, because working with any IT culture myself, in vacuum, except for VPSBIBLE, I found quite challenging...
the good news is that my hair is growing back now
Posted 7 months ago # -
Technically of course you can access your Windows system in DOS, but Windows is based around using a GUI (Graphical User Interface), all of the time
Posted 7 months ago # -
Hi Marcus, your video was VERY helpful, thanks a lot, this is exactly what I needed.
Watching your video helped to understand the tutorial, but also learn valuable things, like location of the ~/.ssh folder, which is hidden, and the keys inside...
Then, of course, I encountered the problem, I wasn't able to "move" the key from the mac to the vps, so I did it manually...
It would have been tough without your video, and the help of Joe as well. The tutorials are great as well, of course.
Anyway, guess what? As I mentioned in the other thread, I am locked again!!! This time, following your video, I am NOT blaming you though :P
I am guessing, it's probably because I messed something up yesterday with the keys, I am not sure though, so, well, I wiped the disk again!
What would be great, is to be able to revert the process, getting rid of the keys and passphrase.
Posted 7 months ago # -
Regarding getting locked. Where are you getting locked out? Are you saying that after you create the keypair, it won't activate?
My advice is this.
Go through the keypair process and master it. Forget anything else for now. Just master the steps in the video.
Set up the keypair, change your port and create a user.
Once you can log in like this, then you are starting to get going.
[Now you have me doubting myself...if I've forgotten a step in the video!!]
Anyway, wiping the linode and starting from fresh is easy enough.
---------
A tip: Here's a very simple thing IVPS which will save you a load of time and headaches.
When you bring up your SSH Terminal, press your up and down arrows and you can scroll through your past entries, so that you don't have to type the same thing out over and over again... makes things a lot quicker... (as long as the entry was properly formatted)
Posted 7 months ago # -
Hi Marcus, your video had been VERY VERY helpful. I thank you, Joe and of course the Guv.
Well, first let me say that you did not make any mistake, the problem was me and my lack of knowledge.
Here is the stupid thing I did; every time I copied and pasted the key manually, from the mac to the server, I always truncated the end of the file, because it was detached from the key, so I thought it wasn't part of it!! I did it at least 3 or 4 times.
Then, of course, originally, I had no idea that we were basically generating 2 x keys on the local machine aka desktop, and that we were supposed to send one over to the server.
It's the terminology / vocabulary that slowed me down.
So as it stands, I have done the first + 100% successful install (or whatever it's called).
As a side note, I work exactly like you; I open a text editor and save information, for testing purpose, it's much faster. I was aware of the up/down arrow, thank you.
So I also duplicated the disk image, on the same node, so I have a safe backup.
Now my worries are, how do I log in from a laptop, and how do you revert, and/or change the keys? Say the desktop breaks down, and you can only access the server from another machine???
I think it would be really great to have a video or a post on how to go back/revert.
Oh, a BIG question, what is the difference between:
ssh-keygen -t rsa (in the Guv's tutorial)
AND ssh-keygen (as in your video)??
Posted 7 months ago # -
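Two problems come up in this thread: authorized_keys ending up as a folder instead of a file, and a pasted public key losing its tail. The script below is an added example, not part of the tutorial, the video or any poster's reply, and it checks for both before installing a key. The function names, the sample key (ssh-ed25519 framing around 32 zero bytes, constructed for illustration) and the choice to append rather than mv are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the tutorial. Paths passed in are the caller's choice.

# Constructed sample key: correct ssh-ed25519 framing around 32 zero bytes.
sample_pubkey() {
    printf 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI%s constructed@example\n' \
        "$(printf '%043d' 0 | tr 0 A)"
}

# install_pubkey PUBKEY_FILE HOME_DIR
# Validates the key line, then adds it to HOME_DIR/.ssh/authorized_keys.
install_pubkey() {
    pub=$1
    ssh_dir=$2/.ssh
    auth=$ssh_dir/authorized_keys

    # A public key is ONE line: "<type> <base64 blob> [comment]".
    # A key pasted with line breaks in it fails here.
    if [ "$(grep -c . "$pub")" -ne 1 ]; then
        echo "expected exactly one key line in $pub" >&2; return 1
    fi
    read -r type blob _comment < "$pub" || true
    # The decoded blob starts with a 4-byte length, then the type name again.
    embedded=$(printf '%s' "$blob" | base64 -d 2>/dev/null |
               tail -c +5 | head -c "${#type}")
    # Catches most cut-off tails; "ssh-keygen -l -f FILE" is the fuller check.
    if [ -z "$type" ] || [ $(( ${#blob} % 4 )) -ne 0 ] ||
       [ "$embedded" != "$type" ]; then
        echo "key blob is truncated or damaged" >&2; return 1
    fi

    mkdir -p "$ssh_dir"      # -p: no "already exists" error
    # authorized_keys must be a regular FILE, not a folder.
    if [ -d "$auth" ]; then
        echo "$auth is a directory; remove it and retry" >&2; return 1
    fi
    # Append rather than mv, so keys that are already authorized are kept.
    line=$(cat "$pub")
    grep -qxF -- "$line" "$auth" 2>/dev/null || printf '%s\n' "$line" >> "$auth"
    chmod 700 "$ssh_dir"     # only the owner may enter .ssh
    chmod 600 "$auth"        # only the owner may read or write the key list
}
```

Run on the server as the login user, for example `install_pubkey /path/to/uploaded.pub "$HOME"`; running it twice with the same key leaves a single entry.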
If you get locked out of your Linode, you can access it through Lish.
You can also get technical support quite cheaply, if at any point you need it. I use a tech support, and it has saved me going bonkers a couple of times.
Ideally there would be a Google Circle somewhere for us learner techpreneurs....
marcuswestgb.....gmail
not sure about the -t
Posted 7 months ago # -
Well, we have to wait for the Guv then :P
How do you login to Lish?
Posted 7 months ago #
