SLAC CD Software Engineering Group
RSA key pair generation:
First, you need to make sure you have a valid public key in $HOME/.ssh/identity.pub. If you don't have one, you must generate one. You can generate your RSA key pair on any public UNIX development machine (flora, for example). Log in using your AFS account and issue the following command.
ssh-keygen -t rsa 1
ssh-keygen -t dsa
Respond to all prompts with return. For example:
jingchen@flora03 $ ssh-keygen -t rsa1
Generating public/private rsa1 key pair.
Enter file in which to save the key (/u/cd/jingchen/.ssh/identity):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /u/cd/jingchen/.ssh/identity.
Your public key has been saved in /u/cd/jingchen/.ssh/identity.pub.
The key fingerprint is:
(take the default prompts for the DSA key generation)
Updating authorized key list
Your public key will be saved in $HOME/.ssh/identity.pub. This key must be then added to /u/cd/cddev/.ssh/authorized_keys, the authorized key list for AFS cddev account, and /u1/cddev/.ssh/authorized_keys, the authorized key list for local cddev account on PEPII gateway machines. This is needed if you want to deploy to prodcution machines both taylored and standalone using your AFS account from any public UNIX development machine.
Ask the owner of cddev account (Judy Rock, Brobeck, Jingchen) to do the following for you:
Log in as cddev using password via Tera Term on any public UNIX machine. Make sure your old key is removed if it exists.
$ cat /u/cd/YOUR_USERNAME/.ssh/identity.pub
(select and copy)
$ emacs /u1/cd/cddev/.ssh/authorized_keys
Log in as cddev account on opi00gtw00. Make sure your old key is removed if it exists.
$ cat /u/cd/YOUR_USERNAME/.ssh/.public/id_dsa.pub
(select and copy)
$ emacs /u1/cddev/.ssh/authorized_keys2
Now, test if you can log in opi00gtw04 as cddev account without password
$ ssh –l cddev opi00gtw04
and log in opi00gtw00 as cddev account without password
$ ssh -l cddev opi00gtw00
Author: Jingchen Zhou, 05-19-03
Modified by: 14-Jun-2005 Daniel Blackwell updated for DSA