Hetzner - DokuWiki
Backup Space SSH Keys/en
Backup Space SSH Keys
When connecting to your backup space via SFTP/SCP, it is possible to authenticate yourself with a Public Key. You can provide a Public Key in RFC4716 format in the file .ssh/authorized_keys on your backup space.
You can convert your Public Key into RFC4716 format with the "ssh-keygen" program with the parameters "-e" and "-f <input pubkey>". It is important that the automatically inserted comment line be erased. You need to manually create the .ssh directory if required.
server# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: cb:3c:a0:39:69:39:ec:35:d5:66:f3:c5:92:99:2f:e1 root@server The key's randomart image is: +--[ RSA 2048]----+ | | | | | | | . = | | . S = * o | | . = = + + = | | X o = E . | | o + . . . | | . | +-----------------+ server# ssh-keygen -e -f .ssh/id_rsa.pub | grep -v "Comment:" > .ssh/id_rsa_rfc.pub server# cat .ssh/id_rsa_rfc.pub ---- BEGIN SSH2 PUBLIC KEY ---- AAAAB3NzaC1yc2EAAAABIwAAAQEAz+fh731CVfH3FPM0vK5hX7NT5HogdBEQ4ryGJIeVMv mCQJWwrFtdWh1pXMyXsYzXq1xbjILgCZGn+H0qUBKopJaa/Pzsw5U0UyRgiFhU2k0eiHUq pkiixTbHcLsCj3kjAv5i07wZJ/ot246hLQD1PtSQtcX7nHvhdhenOTGO+ccpM2KEdX1E64 eaTtO9Bf7X4OTXnRxS7tjYH9sls5DOunpvoIZLvbmcVw1+wMdJBXOAU6/tnkN5N3mYE4Hu JjnRtBAI9MS9Tt3DNAp1K/udUHA6hfYf08fxYs9uwsCM793b7FczmVvHEIwIKszG7Jwiwo Dqit4EExR8bNNCeD6D3Q== ---- END SSH2 PUBLIC KEY ---- server# cat .ssh/id_rsa_rfc.pub >> backup_authorized_keys server# echo mkdir .ssh | sftp email@example.com Connecting to u15000.your-backup.de... The authenticity of host 'u15000.your-backup.de (184.108.40.206)' can't be established. RSA key fingerprint is 3d:7b:6f:99:5f:68:53:21:73:15:f9:2e:6b:3a:9f:e3. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'u15000.your-backup.de ,220.127.116.11' (RSA) to the list of known hosts. firstname.lastname@example.org 's password: sftp> mkdir .ssh server# scp backup_authorized_keys email@example.com:.ssh/authorized_keys firstname.lastname@example.org's password: backup_authorized_keys 100% 406 0.4KB/s server# sftp email@example.com Connecting to u15000.your-backup.de... sftp> ls sftp> exit server#
Note: When uploading the Public Key you cannot use ssh-copy-id.