Tripp Lite B0930082E4UV Owners Manual for B093- B097- and B098-Series Console - Page 258

Uploading Keys

Get Tripp Lite B0930082E4UV PDF manuals and user guides View all Tripp Lite B0930082E4UV manuals
Add to My Manuals
Save this manual to your list of manuals

Page 258 highlights

15. Advanced Configuration To generate the keys using OpenBSD's OpenSSH suite, use the ssh-keygen program: $ ssh-keygen -t [rsa|dsa] Generating public/private [rsa|dsa] key pair. Enter file in which to save the key (/home/user/.ssh/id_[rsa|dsa]): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_[rsa|dsa]. Your public key has been saved in /home/user/.ssh/id_[rsa|dsa].pub. The key fingerprint is: 28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server $ It is advisable to create a new directory to store your generated keys. It is also possible to name the files after the device they will be used for. For example: $ mkdir keys $ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): /home/user/keys/control_room Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/keys/control_room Your public key has been saved in /home/user/keys/control_room.pub. The key fingerprint is: 28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server $ You should ensure there is no password associated with the keys. If there is a password, the console servers will have no way to supply it as runtime. Authorized Keys If the console server selected to be the server will have only one client device, then the authorized_keys file is simply a copy of the public key for that device. If one or more devices will be clients of the server, the authorized_keys file will contain a copy of all of the public keys. RSA and DSA keys may be freely mixed in the authorized_keys file. For example, assume we already have one server, called bridge_server, and two sets of keys for the control_room and the plant_entrance: $ ls /home/user/keys control_room control_room.pub plant_entrance plant_entrance.pub $ cat /home/user/keys/control_room.pub /home/user/keys/plant_entrance.pub > /home/user/keys/authorized_keys_bridge_server Uploading Keys The server keys can be uploaded through the web interface on the System: Administration page. If only one client will be connecting, simply upload the appropriate public key as the authorized keys file. Otherwise, upload the authorized keys file constructed in the previous step. Each client will then need its own set of keys uploaded through the same page. Take care to ensure the correct type of keys (DSA or RSA) goes in the correct locations and that the public and private keys are in the correct location. 258

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
258
15. Advanced Configuration
To generate the keys using OpenBSD’s OpenSSH suite, use the
ssh-keygen
program:
$ ssh-keygen -t [rsa|dsa]
Generating public/private [rsa|dsa] key pair.
Enter file in which to save the key (
/home/user/.ssh/id_[rsa|dsa]
):
Enter
passphrase
(empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in
/home/user/.ssh/id_[rsa|dsa]
.
Your public key has been saved in
/home/user/.ssh/id_[rsa|dsa].pub
.
The key fingerprint is:
28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$
It is advisable to create a new directory to store your generated keys. It is also possible to name the files after the device they
will be used for. For example:
$ mkdir keys
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
/home/user/keys/control_room
Enter
passphrase
(empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in
/home/user/keys/control_room
Your public key has been saved in
/home/user/keys/control_room.pub
.
The key fingerprint is:
28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$
You should ensure there is no password associated with the keys. If there is a password, the console servers will have no way
to supply it as runtime.
Authorized Keys
If the console server selected to be the server will have only one client device, then the
authorized_keys
file is simply a copy
of the public key for that device. If one or more devices will be clients of the server, the
authorized_keys
file will contain a
copy of all of the public keys. RSA and DSA keys may be freely mixed in the
authorized_keys
file.
For example, assume we already have one server, called
bridge_server
, and two sets of keys for the
control_room
and the
plant_entrance
:
$ ls /home/user/keys
control_room control_room.pub plant_entrance plant_entrance.pub
$ cat /home/user/keys/control_room.pub
/home/user/keys/plant_entrance.pub >
/home/user/keys/authorized_keys_bridge_server
Uploading Keys
The server keys can be uploaded through the web interface on the
System: Administration
page. If only one client will be
connecting, simply upload the appropriate public key as the authorized keys file. Otherwise, upload the authorized keys file
constructed in the previous step.
Each client will then need its own set of keys uploaded through the same page. Take care to ensure the correct type of keys
(DSA or RSA) goes in the correct locations and that the public and private keys are in the correct location.