ssh
Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédente | ||
ssh [2023/04/20 15:30] – darre | ssh [2024/02/12 08:44] (Version actuelle) – [Transmission d'un agent ssh] pointal | ||
---|---|---|---|
Ligne 13: | Ligne 13: | ||
Le protocole SSH peut permettre de s' | Le protocole SSH peut permettre de s' | ||
- | <code bash> | + | <code bash> |
- | // | + | // |
Le mot de passe est demandé au moment de la connexion. | Le mot de passe est demandé au moment de la connexion. | ||
Ligne 22: | Ligne 22: | ||
< | < | ||
- | bidule@plop: | + | bidule@plop: |
- | bidule@ma_machine's password: XXXXXXXXX | + | bidule@machine_cible's password: XXXXXXXXX |
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 5.4.0-52-generic x86_64) | Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 5.4.0-52-generic x86_64) | ||
… | … | ||
- | bidule@ma_machine:~$ | + | bidule@machine_cible:~$ |
</ | </ | ||
Ligne 34: | Ligne 34: | ||
< | < | ||
- | bidule@plop: | + | bidule@plop: |
- | The authenticity of host 'ma_machine | + | The authenticity of host 'machine_cible |
ECDSA key fingerprint is SHA256: | ECDSA key fingerprint is SHA256: | ||
Are you sure you want to continue connecting (yes/ | Are you sure you want to continue connecting (yes/ | ||
- | Warning: Permanently added 'ma_machine,192.168.122.243' (ECDSA) to the list of known hosts. | + | Warning: Permanently added 'machine_cible,129.175.17.124' (ECDSA) to the list of known hosts. |
- | bidule@ma_machine's password: XXXXXXXXX | + | bidule@machine_cible's password: XXXXXXXXX |
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 5.4.0-52-generic x86_64) | Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 5.4.0-52-generic x86_64) | ||
… | … | ||
- | bidule@ma_machine:~$ | + | bidule@machine_cible:~$ |
</ | </ | ||
- | Au cas où un autre ordinateur essaierait d' | + | Au cas où un autre ordinateur essaierait d' |
< | < | ||
- | bidule@plop: | + | bidule@plop: |
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | ||
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! | @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! | ||
Ligne 61: | Ligne 61: | ||
Offending ECDSA key in / | Offending ECDSA key in / | ||
remove with: | remove with: | ||
- | ssh-keygen -f "/ | + | ssh-keygen -f "/ |
- | ECDSA host key for ma_machine | + | ECDSA host key for machine_cible |
Host key verification failed. | Host key verification failed. | ||
</ | </ | ||
Ligne 75: | Ligne 75: | ||
< | < | ||
- | Warning: the ECDSA host key for 'ma_machine' differs from the key for the IP address ' | + | Warning: the ECDSA host key for 'machine_cible' differs from the key for the IP address ' |
Offending key for IP in / | Offending key for IP in / | ||
</ | </ | ||
Ligne 191: | Ligne 191: | ||
<code bash> | <code bash> | ||
- | ssh-copy-id -i ~/ | + | ssh-copy-id -i ~/ |
</ | </ | ||
Ligne 199: | Ligne 199: | ||
< | < | ||
- | bidule@plop: | + | bidule@plop: |
/ | / | ||
- | The authenticity of host 'ma_machine.lisn.upsaclay.fr (129.175.17.124)' | + | The authenticity of host 'machine_cible.lisn.upsaclay.fr (129.175.17.124)' |
ECDSA key fingerprint is SHA256: | ECDSA key fingerprint is SHA256: | ||
Are you sure you want to continue connecting (yes/ | Are you sure you want to continue connecting (yes/ | ||
/ | / | ||
/ | / | ||
- | bidule@ma_machine.lisn.upsaclay.fr' | + | bidule@machine_cible.lisn.upsaclay.fr' |
Number of key(s) added: 1 | Number of key(s) added: 1 | ||
- | Now try logging into the machine, with: " | + | Now try logging into the machine, with: " |
and check to make sure that only the key(s) you wanted were added. | and check to make sure that only the key(s) you wanted were added. | ||
</ | </ | ||
Ligne 225: | Ligne 225: | ||
<code bash> | <code bash> | ||
- | ssh ma_machine.lisn.upsaclay.fr | + | ssh machine_cible.lisn.upsaclay.fr |
</ | </ | ||
Ligne 231: | Ligne 231: | ||
< | < | ||
- | bidule@plop: | + | bidule@plop: |
Enter passphrase for key '/ | Enter passphrase for key '/ | ||
… | … | ||
- | bidule@ma_machine:~$ | + | bidule@machine_cible:~$ |
</ | </ | ||
Ligne 269: | Ligne 269: | ||
</ | </ | ||
+ | ==== Agent ssh sous MacOS ==== | ||
+ | |||
+ | Il est possible de démarre un agent SSH comme service sous MacOS: [[https:// | ||
+ | |||
+ | Il est aussi possible d' | ||
+ | |||
===== Passerelles ===== | ===== Passerelles ===== | ||
Ligne 302: | Ligne 308: | ||
* Il est possible d' | * Il est possible d' | ||
+ | |||
+ | ==== Changement de passphrase ==== | ||
+ | |||
+ | Au cas où vous auriez malencontreusement oublié de mettre une passphrase sur votre clé privée, ou bien si vous trouvez celle-ci trop légère… elle peut être changée : | ||
+ | |||
+ | ssh-keygen -f ~/ | ||
Ligne 318: | Ligne 330: | ||
< | < | ||
- | … | ||
- | Host pl-ssh.lisn.upsaclay.fr | ||
… | … | ||
Host m123.lisn.upsaclay.fr m167.lisn.upsaclay.fr m54.lisn.upsaclay.fr berlioz.lisn.upsaclay.fr | Host m123.lisn.upsaclay.fr m167.lisn.upsaclay.fr m54.lisn.upsaclay.fr berlioz.lisn.upsaclay.fr | ||
Ligne 337: | Ligne 347: | ||
< | < | ||
… | … | ||
- | Match Host *.lisn.upsaclay.fr Exec ~/bin/inside_lisn.sh | + | Match Host *.lisn.upsaclay.fr Exec "/usr/bin/test -f %d/.ssh/ |
… | … | ||
- | Match Host *.lisn.upsaclay.fr !Exec ~/ | + | Match Host subversion.renater.fr, |
- | … | + | |
- | Match Host subversion.renater.fr, | + | |
… | … | ||
Match Exec " | Match Exec " | ||
Ligne 370: | Ligne 378: | ||
<WRAP center round info 80%> | <WRAP center round info 80%> | ||
- | Avant l' | + | Avant l' |
</ | </ | ||
Ligne 421: | Ligne 429: | ||
IdentitiesOnly yes | IdentitiesOnly yes | ||
- | Host ma_machine ma_machine.lisn.upsaclay.fr | + | Host machine_cible machine_cible.lisn.upsaclay.fr |
ForwardAgent yes | ForwardAgent yes | ||
ForwardX11 yes | ForwardX11 yes | ||
IdentitiesOnly yes | IdentitiesOnly yes | ||
- | Host ma_machine | + | Host machine_cible |
User bidule | User bidule | ||
IdentityFile ~/ | IdentityFile ~/ | ||
Ligne 454: | Ligne 462: | ||
IdentitiesOnly yes | IdentitiesOnly yes | ||
- | Match Host ma_machine.lisn.upsaclay.fr | + | Match Host machine_cible.lisn.upsaclay.fr |
ForwardAgent yes | ForwardAgent yes | ||
ForwardX11 yes | ForwardX11 yes | ||
IdentitiesOnly yes | IdentitiesOnly yes | ||
| | ||
- | Match Host ma_machine.lisn.upsaclay.fr !Exec ~/ | + | Match Host machine_cible.lisn.upsaclay.fr !Exec ~/ |
ProxyJump passerelle-labo | ProxyJump passerelle-labo | ||
Ligne 477: | Ligne 485: | ||
</ | </ | ||
- | ===== Configuration | + | ===== Configuration |
==== Création d'un profil de connexion à via.lisn.upsaclay.fr ==== | ==== Création d'un profil de connexion à via.lisn.upsaclay.fr ==== | ||
Ligne 490: | Ligne 498: | ||
{{:: | {{:: | ||
+ | |||
+ | * utilisez ce profil pour rebondir sur une machine interne | ||
+ | * remplacer ' | ||
===== Trucs & astuces ===== | ===== Trucs & astuces ===== | ||
Ligne 502: | Ligne 513: | ||
IdentitiesOnly yes | IdentitiesOnly yes | ||
IdentityFile ~/ | IdentityFile ~/ | ||
- | Hostname | + | Hostname |
ForwardX11 yes | ForwardX11 yes | ||
ProxyJump passerelle-labo | ProxyJump passerelle-labo |
ssh.1681997411.txt.gz · Dernière modification : 2023/04/20 15:30 de darre