by Christian T. Drieling – 10. February 2017
By default SSH on IGEL OS can only be used with a password (or also without a password) but not with you keyfile. To add Keyfile support, you have to manually edit the Thin Client Configuration.
a) Create your private and public key – this can be done on any SSH client e.g. IGEL OS:
- Add a local terminal to your TC (accessories -> terminals -> add).
- Start the local terminal and login as root.
- Use “ssh-keygen” to create both keys. Follow the text instructions. Here you can also add a passphrase to your key for better security.
- Now you should find the directory “.ssh” and two files in it “id-rsa” and id”_rsa.pub”.
b) Grab the files via UMS file-transfer.
- In UMS console, right click on your TC -> other Thin Client commands -> File TC to UMS.
- Thin Client file location is .ssh/id-rsa, in Target URL you can browse for ums_filetransfer and name your file id-rsa. You must do this a second time for rsa.pub.
- Now you should find both files in INSTALLDIRIGELremotemanagerrmguiserverwebappsums_filetransfer. “id-rsa” is your private key. Keep it save.
- Rename the file “id_rsa.pub” to “authorized_keys”. Now you can add further public keys from other Users. You will need a separate private key for all user who should be able to connect. You can use an editor like notepad++ to add additional keys to your authorized_keys file.
c) Enroll your public key to other TCs.
- In UMS console, right click on “Files” in the object tree and chose “new file”.
- Check “Select file from UMS server” and browse for your authorized_keys file.
- As classification chose “Undefined” and in Thin Client file location type in /wfs/user/.ssh/authorized_keys.
- In Access rights check Read/Write/Execute and select “User” as owner.
- Assign the file to your TCs.
d) As last step you have to enable the SSH service which is disabled by default.
- In IGEL Setup or UMS Profile go to System -> Remote Access -> SSH and check the “enable” checkbox.
- Also enable the account “user” in the user access list. Mark “user” and click on the edit symbol. Uncheck the “Deny” checkbox.
- Save or assign to your TC
More information about configuring SSH you find https://kb.igel.com/igelos-11.07/en/ssh-session-57334622.html