SSH key management¶
SSH authentication requires maintaining the system SSH keys. This can be done as follows:
- keys create creates a local SSH keyset
- keys add <host> adds the remote host to the known hosts list allowing outgoing connections
- keys send <user>@<host> will send the public key from the local SSH keyset to the remote server, thereby enabling remote SSH authentication.
For example, if you wish to perform a backup to a remote host, first create a local key if necessary with keys create. Allow communication with the host using keys add <host>. Send the key to the remote host with keys send <user>@<host>.
If you select ssh key-based authentication that was set up without a password, you will be prompted to input the password when adding a sftp backup host:
platform@VOSS-UN-6:~$ backup add remote sftp://[email protected]/sftp
No password found. Do you want to use sshkeys? [y/N]: y
The certificates are independent of web servers/proxies.
For more details on SSH key-based authentication, refer to OpenSSH documentation.