Is it a fake website?

19 mayo 2006

SSH con clave pública

1.Generamos la clave.
[root@stanis .ssh]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
6f:f8:9d:83:2f:bc:e6:f8:4a:bd:a3:6a:32:f8:3c:4a root@stanis

Nos genera dos ficheros.
[root@stanis .ssh]# ll
total 12
-rw------- 1 root root 668 May 19 15:58 id_dsa
-rw-r--r-- 1 root root 613 May 19 15:58 id_dsa.pub

2.Adaptamos formatos de claves
[root@stanis .ssh]# ssh-keygen -e -f id_dsa.pub > id_dsa_ssh2.pub

Ahora tenemos
[root@stanis .ssh]# ll
total 16
-rw------- 1 root root 668 May 19 16:15 id_dsa
-rw-r--r-- 1 root root 613 May 19 16:15 id_dsa.pub
-rw-r--r-- 1 root root 726 May 19 16:15 id_dsa_ssh2.pub

3.Creamos el fichero que indicará al servidor cual es la clave.

[root@stanis .ssh]# echo "key id_dsa_ssh2.pub" > authorization

[root@stanis .ssh]# ll
total 20
-rw-r--r-- 1 root root 20 May 19 16:18 authorization
-rw------- 1 root root 668 May 19 16:15 id_dsa
-rw-r--r-- 1 root root 613 May 19 16:15 id_dsa.pub
-rw-r--r-- 1 root root 726 May 19 16:15 id_dsa_ssh2.pub

4.Conectamos via sftp al servidor que nos permitirá entrar con la clave pública.
[root@stanis .ssh]# sftp stanis@servidor
(obviamente tendremos que tener cuenta en este servidor)

5.Creamos directorio
sftp> mkdir .ssh2

Vamos a él
sftp> cd .ssh2

6.Subimos el archivo que hemos creado antes y la clave pública.
sftp> put authorization
Uploading authorization to /.ssh2/authorization
authorization 100% 20 0.0KB/s 00:00

sftp> put id_dsa_ssh2.pub
Uploading id_dsa_ssh2.pub to /.ssh2/id_dsa_ssh2.pub
id_dsa_ssh2.pub 100% 726 0.7KB/s 00:00

7.Salimos
sftp> exit

8.Y probamos a conectar
[root@stanis .ssh]# ssh stanis@servidor
No mail.
-bash-2.05b$

Perfecto!, clave pública configurada.

No hay comentarios: