Added SSH to README
parent 1a7d9023fa
commit a194278098
82
README.md
|
@ -55,4 +55,86 @@ lrwxrwxrwx 1 root root 18 Aug 17 21:58 /etc/alternatives/vim -> /usr/bin/vim.bas
|
|||
|
||||
|
||||
|
||||
## SSH-Agent
|
||||
|
||||
### SSH-Agent in einer Sitzung starten
|
||||
|
||||
```
|
||||
kurs@tn00-purple:~# eval $(ssh-agent)
|
||||
Agent pid 2720104
|
||||
```
|
||||
|
||||
### SSH-Key am Agent registrieren
|
||||
```
|
||||
kurs@tn00-purple:~# ssh-add
|
||||
Enter passphrase for /home/svelt/.ssh/id_ed25519:
|
||||
```
|
||||
|
||||
### Ein SSH-Agent in mehreren SSH-Verbindungen
|
||||
|
||||
1. SSH-Agent starten
|
||||
```
|
||||
kurs@tn00-purple:~# eval $(ssh-agent | tee ~/.ssh-agent.sh)
|
||||
SSH_AUTH_SOCK=/tmp/ssh-r4RVMmRg9KAR/agent.2720217; export SSH_AUTH_SOCK;
|
||||
SSH_AGENT_PID=2720218; export SSH_AGENT_PID;
|
||||
echo Agent pid 2720218;
|
||||
Agent pid 2720218;
|
||||
```
|
||||
2. In **jeder weiteren** SSH-Verbindung auf die VM (per copy&paste):
|
||||
- Kann für weitere Verbindungen auch später gemacht werden
|
||||
```
|
||||
kurs@tn00-purple:~# source ~/.ssh-agent.sh
|
||||
Agent pid 2720218;
|
||||
```
|
||||
3. Verbindung zum SSH-Agent mit `ssh-add -l` testen
|
||||
- "Could not connect to agent" -> Agent läuft nicht und/oder Variablen nicht gesetzt
|
||||
- "This agent has no identities" -> Verbindung zum Agent geht, Agent hat aber keine Keys
|
||||
- Key -> Verbindung zum Agent geht, Key(s) registriert und verfügbar (4. überflüssig)
|
||||
4. SSH-Key registrieren
|
||||
- nur einmal nötig
|
||||
- Variablen via Script aus 2. Schritt müssen gesetzt sein
|
||||
```
|
||||
kurs@tn00-purple:~# ssh-add
|
||||
```
|
||||
Damit könnt Ihr dann den einen Agent in allen SSH-Verbindungen zur VM nutzen.
|
||||
|
||||
### Alternative: Keychain
|
||||
|
||||
Voraussetzung: SSH-Key existiert, liegt unter (beliebigem) Namen unter `~/.ssh/`
|
||||
|
||||
1. Keychain installieren
|
||||
```
|
||||
kurs@tn00-purple:~$ apt install keychain
|
||||
```
|
||||
2. Von Hand testen
|
||||
```
|
||||
kurs@tn00-purple:~$ keychain ~/.ssh/id_ed25519
|
||||
|
||||
* keychain 2.8.5 ~ http://www.funtoo.org
|
||||
* Starting ssh-agent...
|
||||
* Adding 1 ssh key(s): /home/kurs/.ssh/id_ed25519
|
||||
Enter passphrase for /home/kurs/.ssh/id_ed25519:
|
||||
* ssh-add: Identities added: /home/kurs/.ssh/id_ed25519
|
||||
|
||||
kurs@tn00-purple:~$ ssh-add -l
|
||||
Could not open a connection to your authentication agent.
|
||||
|
||||
kurs@tn00-purple:~$ cat ~/.keychain/${HOSTNAME}-sh
|
||||
SSH_AUTH_SOCK=/tmp/ssh-pZf3VyTB4hs3/agent.1612572; export SSH_AUTH_SOCK;
|
||||
SSH_AGENT_PID=1612575; export SSH_AGENT_PID;
|
||||
|
||||
kurs@tn00-purple:~$ . ~/.keychain/${HOSTNAME}-sh
|
||||
kurs@tn00-purple:~$ ssh-add -l
|
||||
256 SHA256:9+6FWilZKB46vt/n8HX3eVggjmdt40vXclBPkggaHvM kurs@tn00-purple (ED25519)
|
||||
```
|
||||
3. In Shell automatisch starten
|
||||
```
|
||||
cat <<EOF >>.bashrc
|
||||
keychain ~/.ssh/id_ed25519
|
||||
. ~/.keychain/${HOSTNAME}-sh
|
||||
EOF
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
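Review bot: In step 3 of the Keychain section, `cat <<EOF >>.bashrc` uses an unquoted heredoc delimiter and a relative target, so `${HOSTNAME}` is expanded when the command is pasted, not when `.bashrc` runs, and the lines are appended to a `.bashrc` in whatever directory the shell is currently in. The resulting file hard-codes the host name, which breaks if the home directory is shared between machines or the VM is renamed. Suggest `cat <<'EOF' >>~/.bashrc` so the variable stays literal and the file is always the one in the home directory. Smaller points in the same hunk: the first `ssh-add` example prompts for `/home/svelt/.ssh/id_ed25519` although the session user is `kurs`; the SSH-Agent examples use a `~#` prompt while the Keychain examples use `~$` for the same user; `apt install keychain` is shown from an unprivileged prompt without `sudo`; and the output listed under `eval $(ssh-agent | tee ~/.ssh-agent.sh)` shows the variable assignments, which the command substitution captures rather than prints, so only the `Agent pid` line would appear on the terminal. It would also be worth one sentence noting that `~/.ssh-agent.sh` goes stale once the agent exits, which is the case step 3 ("Could not connect to agent") then catches.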