[mdlug] sftp on centos 6 expert wanted
Jeff Hanson
jhansonxi at gmail.com
Thu Jan 26 12:08:53 EST 2012
On 1/26/12, Adam Tauno Williams <awilliam at whitemice.org> wrote:
> On Wed, 2012-01-25 at 23:52 -0500, Jeff Hanson wrote:
>> Basically they would need to create a GPG key pair (ssh-keygen) and
>
> SSH keys pairs aren't GPG/PGP key pairs; they're just SSH key pairs.
> Same principals though.
Oops, typo. You're correct of course.
I was thinking about SSL with a CA but I haven't tried that with file
transfers, only a VPN. If the cert private keys are generated on the
server, and they don't have a strong passphrase (depends on how good
the client is at remembering those) then they have to be transferred
to the client by a secure means (encrypted channel, GPG, openssl). If
the client generates the private key and sends a CR to the server for
signing by the CA then extra encryption is not needed for the cert
transfer.
>> send you the public key to add to the sshd key file
>> (~/.ssh/authorized_keys on Ubuntu). To connect they just need to:
>> sftp -o IdentityFile=$HOME/.ssh/id_dsa -o Port=<port #> <server
>> username>@URL
>
> Isn't IdentityFile= just automatic? I never have to enter that
> [although I do almost all my sftp work via Nautilus].
>
It is with the default key file name. I have a different keys for
accessing client systems than my own systems, mostly as a security
precaution.
More information about the mdlug
mailing list