SSH

From Wildsong
Revision as of 22:33, 15 June 2007 by Brian Wilson

More information on ssh can be found at http://www.openssh.org/

Granting me ssh access so that I can access your system

  1. You have to run an sshd server on your machine.
  2. I generate a key pair in RSA format, creating a passphrase-encrypted private key and a public key.
  3. I send you the public key. You add the key to each account that you want me to be able to access. For example, you can create a personal account for me with the username bwilson and add the key to the file /home/bwilson/.ssh/authorized_keys, and optionally also put a copy in /root/.ssh to give me root-level access.

Then I can use an ssh client to connect. I enter my passphrase and the client uses the decrypted private key to authenticate with your system. If the private and public keys match, your system grants me access.

As long as I don't share my passphrase with anyone, even if I lose my laptop, no one can use my private key to access your machine.

If you want to revoke access, you remove or disable access to my public key(s).

You don't have to give me any password information on your machine, so you don't have to change the root password when we are done working together.

Key file installation notes

Each "authorized_keys" file is a text file containing public keys. You can add new keys from the command line or with a text editor. The file should be owned by the user account and readable only by that user. The typical commands:

# cd /home/username/.ssh                       # move to user's directory
# cat /tmp/id_rsa.pub >> authorized_keys       # append key to file
# chown username authorized_keys               # fix ownership
# chmod 600 authorized_keys                    # fix permissions
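
The install steps above and the revoke step mentioned earlier, written as two shell functions. This is an added example, not part of the original page; the names install_key, revoke_key, key_blob, has_blob and KEY_RE are hypothetical, and the optional OWNER argument assumes the script runs as root.

```shell
#!/bin/sh
# Added example; install_key and revoke_key are hypothetical helper names.
# KEY_RE is a constructed pattern covering common public key types only.
KEY_RE='^(ssh-rsa|ssh-ed25519|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/]+=*( .*)?$'

# key_blob FILE: print the base64 key body (second field) of a public key file.
key_blob() { awk 'NR == 1 { print $2 }' "$1"; }

# has_blob BLOB FILE: succeed if any line of FILE carries that key body.
has_blob() {
    awk -v b="$1" '{ for (i = 1; i <= NF; i++) if ($i == b) found = 1 }
                   END { exit !found }' "$2"
}

# install_key SSH_DIR PUBKEY_FILE [OWNER]: append the key once, tight permissions.
install_key() {
    dir=$1 pub=$2 owner=${3:-}
    # Accept exactly one line that looks like a public key; refuse anything
    # else, in particular a private key file sent by mistake.
    [ "$(grep -c '' "$pub")" -eq 1 ] && grep -Eq "$KEY_RE" "$pub" || {
        echo "install_key: $pub is not a single public key line" >&2
        return 1
    }
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    auth=$dir/authorized_keys
    touch "$auth" && chmod 600 "$auth" || return 1
    # Append only if the key body is not already listed (safe to re-run).
    if ! has_blob "$(key_blob "$pub")" "$auth"; then
        printf '%s\n' "$(cat "$pub")" >> "$auth"
    fi
    if [ -n "$owner" ]; then chown "$owner" "$dir" "$auth"; fi
}

# revoke_key SSH_DIR PUBKEY_FILE [OWNER]: drop every line carrying that key body.
revoke_key() {
    dir=$1 pub=$2 owner=${3:-}
    auth=$dir/authorized_keys
    blob=$(key_blob "$pub")
    tmp=$(mktemp "$dir/authorized_keys.XXXXXX") || return 1   # created mode 600
    awk -v b="$blob" '{ keep = 1; for (i = 1; i <= NF; i++) if ($i == b) keep = 0 }
                      keep' "$auth" > "$tmp"
    if [ -n "$owner" ]; then chown "$owner" "$tmp"; fi
    mv "$tmp" "$auth"   # rename within the same directory replaces the file in one step
}
```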