Hetzner - DokuWiki

Backup Space SSH Keys/en

Backup Space SSH Keys

When connecting to your backup space via SFTP/SCP, it is possible to authenticate yourself with a Public Key. You can provide a Public Key in RFC4716 format in the file .ssh/authorized_keys on your backup space.

You can convert your Public Key into RFC4716 format with the "ssh-keygen" program with the parameters "-e" and "-f <input pubkey>". It is important that the automatically inserted comment line be erased. You need to manually create the .ssh directory if required.

For example:

server# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
cb:3c:a0:39:69:39:ec:35:d5:66:f3:c5:92:99:2f:e1 root@server
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|         .   =   |
|      . S = * o  |
|   . = = + + =   |
|    X o =   E .  |
|   o + . .   .   |
|    .            |
+-----------------+

server# ssh-keygen -e -f .ssh/id_rsa.pub | grep -v "Comment:" > .ssh/id_rsa_rfc.pub

server# cat .ssh/id_rsa_rfc.pub
---- BEGIN SSH2 PUBLIC KEY ----
AAAAB3NzaC1yc2EAAAABIwAAAQEAz+fh731CVfH3FPM0vK5hX7NT5HogdBEQ4ryGJIeVMv
mCQJWwrFtdWh1pXMyXsYzXq1xbjILgCZGn+H0qUBKopJaa/Pzsw5U0UyRgiFhU2k0eiHUq
pkiixTbHcLsCj3kjAv5i07wZJ/ot246hLQD1PtSQtcX7nHvhdhenOTGO+ccpM2KEdX1E64
eaTtO9Bf7X4OTXnRxS7tjYH9sls5DOunpvoIZLvbmcVw1+wMdJBXOAU6/tnkN5N3mYE4Hu
JjnRtBAI9MS9Tt3DNAp1K/udUHA6hfYf08fxYs9uwsCM793b7FczmVvHEIwIKszG7Jwiwo
Dqit4EExR8bNNCeD6D3Q==
---- END SSH2 PUBLIC KEY ----

server# cat .ssh/id_rsa_rfc.pub >> backup_authorized_keys

server# echo mkdir .ssh | sftp u15000@u15000.your-backup.de
Connecting to u15000.your-backup.de...
The authenticity of host 'u15000.your-backup.de (78.46.10.232)' can't be established.
RSA key fingerprint is 3d:7b:6f:99:5f:68:53:21:73:15:f9:2e:6b:3a:9f:e3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'u15000.your-backup.de ,78.46.10.232' (RSA) to the list of known hosts.
u15000@u15000.your-backup.de 's password:
sftp> mkdir .ssh

server# scp backup_authorized_keys u15000@u15000.your-backup.de:.ssh/authorized_keys
u15000@u15000.your-backup.de's password:
backup_authorized_keys                                        100%  406     0.4KB/s

server# sftp u15000@u15000.your-backup.de
Connecting to u15000.your-backup.de...
sftp> ls
sftp> exit
server#

Note: When uploading the Public Key you cannot use ssh-copy-id.



© 2016. Hetzner Online GmbH. Alle Rechte vorbehalten.