This shows you the differences between two versions of the page.
wiki:advanced:authentication:passwordless-ssh [2011/01/12 15:24] dali |
wiki:advanced:authentication:passwordless-ssh [2013/03/08 13:31] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Passwordless authentication using ssh-keys | ||
- | |||
- | ===== Linux ===== | ||
- | |||
- | You'll need to generate a SSH key via the ssh-keygen command. Please choose which key you want to generate (we recommend dsa): | ||
- | |||
- | < | ||
- | $ ssh-keygen -t rsa'' | ||
- | </ | ||
- | |||
- | or | ||
- | |||
- | < | ||
- | $ ssh-keygen -t dsa | ||
- | </ | ||
- | |||
- | This will create following files inside your $HOME/.ssh/ directory: | ||
- | |||
- | < | ||
- | ~/ | ||
- | ~/ | ||
- | </ | ||
- | |||
- | You'll need to transfer the public part of the key to the wanted server. You can do this using the ssh-copy-id command: | ||
- | |||
- | < | ||
- | $ ssh-copy-id -i ~/ | ||
- | </ | ||
- | |||
- | or | ||
- | |||
- | < | ||
- | $ ssh-copy-id -i / | ||
- | </ | ||
- | |||
- | After the transfer you can add the path to the private part of the key to the session preferences inside x2goclient. x2goclient should now establish the connection without asking for a password by simply clicking on the session card view. | ||
- | |||
- | ===== Windows ===== | ||
- | |||
- | Start a command prompt and navigate to the x2goclient folder, in this example it is **C: | ||
- | |||
- | First we generate a DSA key pair (use an empty password phrase if you want SSO): | ||
- | <code dos> | ||
- | C:\Program Files\x2goclient> | ||
- | </ | ||
- | |||
- | :!: ssh-keygen.exe prints the path to the key file(s), you will need that later. | ||
- | |||
- | This will create following files: | ||
- | <code text> | ||
- | id_dsa | ||
- | id_dsa.pub | ||
- | </ | ||
- | |||
- | You'll need to transfer the public part of the key to the wanted server. You can do this using the scp.exe command with the path to the key file that ssh-keygen.exe printed: | ||
- | |||
- | <code dos> | ||
- | C:\Program Files\x2goclient> | ||
- | </ | ||
- | |||
- | When the file has been transferred, | ||
- | <code dos> | ||
- | C:\Program Files\x2goclient> | ||
- | </ | ||
- | |||
- | Go to your .ssh folder, add the public key to your authorized_keys2 file and then remove the file: | ||
- | <code bash> | ||
- | cd ~/.ssh | ||
- | cat id_dsa.pub >> authorized_keys2 | ||
- | rm id_dsa.pub | ||
- | </ | ||
- | |||
- | You can now add the path to the id_dsa file (the private part of the key) to the session preferences inside x2goclient. x2goclient should now establish the connection without asking for a password by simply clicking on the session card view. | ||
- | |||
- | You can also create a desktop shortcut which starts the session with the client window hidden; in x2goclient select Session -> Create session icon on desktop ... -> select session and click " | ||
- | |||
- | :!: The path to x2goclient.exe in the shortcut may be wrong, edit the shortcut and remove " | ||