Table of Contents
SSH Access
To access KeckCAVES computers via SSH, you must use public-key authentication. Password-based access is not allowed due to security concerns with guessable or compromised passwords.
To get your public key registered, please send it to Braden (bpellett@ucdavis.edu).
This only applies to you if you use an ssh-based program to log in remotely to KeckCAVES computers, e.g. using ssh, sftp, or scp. This doesn't affect logging into the computer when physically sitting at it; for that, you still use your password.
What is public key authentication?
Basically, you create a key pair, which consists of a public key and a private key. As the names suggest, you keep the private key to yourself, but can distribute the public key to anyone with whom you wish to authenticate yourself. Using the magic of public-key cryptography, anyone with the public key can confirm if you have its corresponding private key, without ever needing to see that private key.
Where is my public key?
You perhaps already have a public key generated. If you are on a UNIXy system, you can check the .ssh directory in your home directory for an id_rsa.pub file:
cat ~/.ssh/id_rsa.pub
Send this file (or just its contents) to Braden (bpellett@ucdavis.edu).
I have no public key! How do I get one?
Don't worry, it is easy to generate a key pair.
From the command line, you can enter:
ssh-keygen -b 2048 -t rsa
This will go through the steps to generate a key pair.
By default it will want to place it in your .ssh directory, which is also what you want.
It will then prompt for a passphrase to lock your private key. Choose a good one. 1)
You will now have a key pair! You can find your public key as id_rsa.pub in your .ssh directory.
