Génération de clefs SSH
Linux/Mac
Les clefs sont de simple fichier texte consultable avec un éditeur de texte.
Pour générer une paire suivre la procédure suivante :
- Ouvrir un terminal
- Lancer les commandes suivantes (en substituant l’adresse par la votre)
ssh-keygen -t rsa -b 4096 -C "alan.turing@cambridge.org"
# Creates a new ssh key, using the provided email as a label
Generating public/private rsa key pair.
- Quand l’invite de commande vous demande d’entrer l’emplacement où sauver la clef, appuyer sur entrée.
L’emplacement par défaut sera validé.
Enter a file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter]
- À l’invite suivante, entrer un mot de passe pour protéger votre clef.
Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Type passphrase again]
- La paire de clef, publique, privée, se trouve alors dans:
- publique :
${HOME}/.ssh/id_rsa.pub
- privée :
${HOME}/.ssh/id_rsa
- publique :
Windows
Il existe plusieurs client SSH pour windows, nous présentons la génération de clefs avec l’un d’eux PuTTY.
Pour une installation minimal vous avez besoin des exécutables suivant: putty.exe
et puttygen.exe
.
Ils sont disponibles à cette adresse: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
À TRADUIRE
To generate a set of RSA keys with PuTTYgen:
- Start the PuTTYgen utility, by double-clicking on its .exe file;
- For Type of key to generate, select SSH-2 RSA;
- In the Number of bits in a generated key field, specify 4096 (increasing the bits makes it harder to crack the key by brute-force methods);
- Click the Generate button;
- Move your mouse pointer around in the blank area of the Key section, below the progress bar (to generate some randomness) until the progress bar is full;
- A private/ public key pair has now been generated;
- In the Key comment field, enter any comment you’d like, to help you identify this key pair, later (e.g. your e-mail address; home; office; etc.)
- Optional but highly recommended:
Type a passphrase in the Key passphrase field & re-type the same passphrase in the Confirm passphrase field (if you would like to use your keys for automated processes, however, you should not create a passphrase); - Click the Save public key button & choose whatever filename you’d like (some users create a folder in their computer named my_keys);
- Click the Save private key button & choose whatever filename you’d like (you can save it in the same location as the public key, but it should be a location that only you can access and that you will NOT lose! If you lose your keys and have disabled username/password logins, you will no longer be able log in!);
- Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and choose Select All. This is the text we need in the registration form.
- Right-click again in the same text field and choose Copy; then paste it in the field “SSH public key” of the registration form.