SSH key management#

SSH authentication requires maintaining the system SSH keys. This can be done as follows:

  • keys create creates a local SSH keyset

  • keys add <host> adds the remote host to the known hosts list allowing outgoing connections

  • keys send <user>@<host> will send the public key from the local SSH keyset to the remote server, thereby enabling remote SSH authentication.

For example, if you wish to perform a backup to a remote host, first create a local key if necessary with keys create. Allow communication with the host using keys add <host>. Send the key to the remote host with keys send <user>@<host>.

If you select ssh key-based authentication that was set up without a password, you will be prompted to input the password when adding a sftp backup host:

platform@VOSS-UN-6:~$ backup add remote sftp://[email protected]/sftp
No password found. Do you want to use sshkeys? [y/N]: y

Important

If the username or password contains any of the following characters:

;|\\$&`!

then use the backup setup command interactively by choosing “No” at the prompts if SSH Keys are being used and then add the username and password directly.

The certificates are independent of web servers/proxies.

For more details on SSH key-based authentication, refer to OpenSSH documentation.