This shows you the differences between two versions of the page.
wiki:advanced:authentication:passwordless-ssh [2012/02/18 14:08] dali [Linux client] |
wiki:advanced:authentication:passwordless-ssh [2013/03/08 13:31] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Passwordless authentication using ssh-keys | ||
- | |||
- | ===== Linux client ===== | ||
- | |||
- | You'll need to generate a SSH key via the ssh-keygen command. Please choose which key you want to generate (we recommend dsa): | ||
- | |||
- | < | ||
- | $ ssh-keygen -t rsa | ||
- | </ | ||
- | |||
- | or | ||
- | |||
- | < | ||
- | $ ssh-keygen -t dsa | ||
- | </ | ||
- | |||
- | This will create following files inside your $HOME/.ssh/ directory: | ||
- | |||
- | < | ||
- | ~/ | ||
- | ~/ | ||
- | </ | ||
- | |||
- | You'll need to transfer the public part of the key to the wanted server. You can do this using the ssh-copy-id command: | ||
- | |||
- | < | ||
- | $ ssh-copy-id -i ~/ | ||
- | </ | ||
- | |||
- | or | ||
- | |||
- | < | ||
- | $ ssh-copy-id -i / | ||
- | </ | ||
- | |||
- | After the transfer you can add the path to the private part of the key to the session preferences inside x2goclient. x2goclient should now establish the connection without asking for a password by simply clicking on the session card view. | ||
- | |||
- | ===== Windows client ===== | ||
- | |||
- | Start a command prompt and navigate to the x2goclient folder, in this example it is **C: | ||
- | |||
- | First we generate a DSA key pair (use an empty password phrase if you want SSO): | ||
- | <code dos> | ||
- | C:\Program Files\x2goclient> | ||
- | </ | ||
- | |||
- | :!: ssh-keygen.exe prints the path to the key file(s), you will need that in the next step. | ||
- | |||
- | You'll need to transfer the public key file to the wanted server. You can do this using the scp.exe command with the path that ssh-keygen.exe printed (make sure you transfer the id_dsa**.pub** file): | ||
- | |||
- | <code dos> | ||
- | C:\Program Files\x2goclient> | ||
- | </ | ||
- | |||
- | When the file has been transferred, | ||
- | <code dos> | ||
- | C:\Program Files\x2goclient> | ||
- | </ | ||
- | |||
- | Go to your .ssh folder, add the contents of the public key file to your authorized_keys file and then remove the public key file: | ||
- | <code bash> | ||
- | cd ~/.ssh | ||
- | cat ~/ | ||
- | rm ~/ | ||
- | </ | ||
- | |||
- | You can now add the path to the id_dsa file (the private part of the key) to the session preferences inside x2goclient. x2goclient should now establish the connection without asking for a password by simply clicking on the session card view. | ||
- | |||
- | You can also create a desktop shortcut which starts the session with the client window hidden; in x2goclient select Session -> " | ||
- | |||
- | :!: The path to x2goclient.exe in the shortcut may be wrong, edit the shortcut and remove " | ||