![]() ![]() # just below ForceCommand internal-sftpĪnd reload OpenSSH configuration using service sshd reload. If you want to disable password base authentication for your SFTP users (which you should if you plan to only use public keys), add the following line to our SSH configuration in /etc/ssh/sshd_config. ssh directory belongs to Bob (which won’t be the case if you ran the previous command as root). mkdir /var/sftp/bob/.sshĮcho "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEVK." > /var/sftp/bob/.ssh/authorized_keysĪlso make sure the. To allow Bob’s public key to connect to Bob’s account on the server, simply create the file /var/sftp/bob/.ssh/authorized_keys and add his public key to it. sftp_key : the private key that should remain secret.sftp_key.pub : the public key that can be shared with anyone. ![]() The command will ask you where to store the keys (e.g., on Bob’s laptop, /home/bob/.ssh/sftp_key) and if you want to encrypt the private key with a passphrase. Note that this should preferably not be done on the server himself, since the private key has nothing to do there and should stay private (ideally, on Bob’s laptop). Let’s now see how to generate a key pair. This makes it easier to share the key with Bob since you can then share the private key via an insecure channel and only the passphrase via a secure one. If you do so, the private key will be unusable without this passphrase. When you generate the keys, you also have an option to encrypt the private key with a passphrase.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |