Linux Secure Shell (SSH) II : SSH Agent
Using the ssh-agent program maximizes the usefulness of key-based authentication.
After we've started up X Windows through ssh-agent, we can use the ssh-add program to enter our passphrase one time, and the agent will in turn supply this authentication information automatically every time we would otherwise need our passphrase. This works because all X Windows programs, including our terminal windows, inherit a connection back to the ssh-agent. In this setup, ssh-agent is a program that starts before X Windows and in turn starts X Windows for us.
We can check if it is already running:
$ ps auxw |grep ssh-agent
k 3040 0.0 0.0 10616 84 ? Ss 10:15 0:00 ssh-agent -s
If there is an ssh-agent process listed there, then you can just start using it.
Once we've verified that ssh-agent is running, we can add our ssh key to it by running the ssh-add command.
The ssh-add command prompts the user for the private key's passphrase and adds the key to the list maintained by ssh-agent.
$ ssh-add
If it finds the DSA key that we've created, it will prompt us for the passphrase. Once we have done so it should tell us that it has added our identity to the ssh-agent:
Identity added: /home/username/.ssh/id_dsa (/home/username/.ssh/id_dsa)
Once our key has been added to ssh-agent, we will not be prompted for the passphrase when using ssh or scp to connect to hosts that have our public key:
k@laptop:~$ ssh k@bogotobogo.com
Last login: Sat Dec 6 08:05:48 2013 from 108-239-135-40.lightspeed.frokca.sbcglobal.net
k@bogotobogo.com [~]#
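The check-then-add steps above can be made idempotent by asking the agent itself instead of grepping the process list. This is an added example, not code from the original page: the function names are hypothetical, and the one-hour key lifetime passed to ssh-add -t is an assumption. It relies on the documented exit status of ssh-add -l (0 = identities loaded, 1 = agent has none, 2 = agent not reachable).

```shell
#!/bin/sh
# Added example: source this file from an interactive shell, then run
#   ensure_agent [keyfile] [lifetime_seconds]
# Sourcing matters: the agent's environment variables must land in *this* shell.

# Map the exit status of `ssh-add -l` to a state name.
#   0 -> agent reachable and holding at least one identity
#   1 -> agent reachable but holding no identities
#   anything else (2 = cannot contact agent, 127 = ssh-add not installed)
classify_agent_status() {
    case "$1" in
        0) echo loaded ;;
        1) echo empty ;;
        *) echo unreachable ;;
    esac
}

# Ask the agent named by SSH_AUTH_SOCK what it currently holds.
agent_state() {
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    classify_agent_status "$rc"
}

# Start an agent only if none is reachable, then load the key only if the
# agent is empty. Prints the final state ("loaded" on success).
ensure_agent() {
    key="${1:-$HOME/.ssh/id_dsa}"   # default: the key path shown on this page
    lifetime="${2:-3600}"           # assumption: agent forgets the key after 1 hour
    if [ "$(agent_state)" = unreachable ]; then
        # ssh-agent -s prints Bourne-shell commands that export
        # SSH_AUTH_SOCK and SSH_AGENT_PID; eval applies them here.
        eval "$(ssh-agent -s)" >/dev/null || return 1
    fi
    if [ "$(agent_state)" = empty ]; then
        # Prompts for the passphrase once; -t bounds how long the
        # decrypted key stays in the agent's memory.
        ssh-add -t "$lifetime" "$key" || return 1
    fi
    agent_state
}
```

A process listed by ps is not necessarily the agent our shell is connected to; the exit status of ssh-add -l reflects the agent that SSH_AUTH_SOCK actually points at.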
id_rsa is an RSA key and can be used with SSH protocol 1 or 2, while id_dsa is a DSA key and can only be used with SSH protocol 2. Both are very secure, but DSA does seem to be becoming the more widely used standard.
The syntax for the scp:
$ scp source_file_path destination_file_path
Depending on the host, the file path should include the full host address, port number, username and password along with the directory path.
- Uploading: sending a file from the local machine to a remote machine:
k@laptop:~$ scp ~/myfile.txt k@bogotobogo.com:~/temp
myfile.txt
- Downloading: copying a file from a remote host to the local directory ~/dir:
k@laptop:~$ scp k@bogotobogo.com:~/temp/myfile2.txt ~/dir/
- Downloading: to copy a remote directory (and all the files it contains) to the local host, use scp with the -r option, which tells it to copy the source directory recursively:
k@laptop:~$ scp -r k@bogotobogo.com:~/temp ~/dir/