It is not very difficult but every time I want to create and populate an ssh certificate I have to search for it. So I will show how to create and populate an ssh certificate for password less login over ssh.
And if we have a look to man page of ssh (see below), it sounds really simple. Just create your key, copy the key to destination and register in authorized_keys. But how to do that in a simple way?
Steps to do:
- create a key:
eeelin:~$ ssh-keygen #(Don’t enter a password for password less login)
- copy the key to remote:
eeelin:~$ cat ~/.ssh/id_rsa.pub | ssh user@host ‘cat >> ~/.ssh/authorized_keys’
To use certificates would be much more secure than use an ssh connection with password. If you use a certificate there is a guarantee it is the owner of this certificate. And if you provide a password while generating the certificate it would improve security again. And you don’t have to remember all the original passwords.
Another reason to use a certificate is, an application which has to connect over ssh. It would be possible just to put the certificate into the application and nobody has to know the password.
I had the problem calling a bash script I got the error:
“syntax error: unexpected end of file”
“: command not foundne 2: ”
Since I always have to search how to enable the history search in (k)ubuntu I post it here. I don’t know why this feature is disabled by default in (k)ubuntu. Imo it’s one of the greatest features under the linux term. Just start the command you entered last time in the term and then press the key ‘PageUp’ to get the last history entry you used the letters.
For everybody who wants to enable the feature too:
Open the file ‘/etc/inputrc’ and enable the following two lines: (It’s in the section ‘# alternate mappings for “page up” and “page down” to search the history’)
As we all know the major issue with security is the user itself, because current security systems don’t consider the human factor. Most of the security measures neglect the human limitation in the real world with the result that the users are annoyed by the system. Annoyed users stop paying attention or even worse they stop considering the whole security aspect of the system they are using. OpenSSH 5.1 implements a new (experimental) feature based on an innovative visualization technology, which care about the human being.