A bit of context first: I’m fully self-taught and, as such, full of holes with my server management knowledge. Sometimes, I’ll wonder something, but my knowledge will be SO incomplete that googling will fail to help, I’ll be missing on the obvious… and it’s one of those cases today.
I’m sorry I am asking for something obvious that certainly has explanations and guides somewhere over on the internet!
Ahem. Second bit of context: I’m using SuperPutty to connect to my server when I need to open an SSH terminal, and in there, I’m using the basic method, the login is in memory, while the password must be pasted or typed by hand. Or provided by a -pw.
However, I’ve read multiple times that it’s recommended to use, instead, keys files to authentify: this way, the passwords aren’t visible at any moment, it IS safer…
Last bit of context: my server is a Debian Buster with the latest stable webmin+virtualmin.
And my question now: how the hell may one obtain or generate those keys files with virtualmin, to feed them to third party software we’d run on our home machines?
I found (from How to Manually Add SSH Keys in Virtualmin | Hostwinds ) that in Webmin > Servers > SSH Server, I can view ssh_host_rsa_key.pub and ssh_host_dsa_key.pub, and I may copy their contents.
Additionally, still in Webmin > Servers > SSH Server, the Help tooltip explained that, copy-pasting, "Because SSH can be setup to use RSA keys for authentication instead of the normal username and password used by telnet, users can login to a remote server without having to enter a password each time. ": duly noted. RSA keys are the thing to look forward to.
Then, following what is said in Use SSH Keys with PuTTY on Windows | IONOS DevOps Central , apparently the idea is to get the contents of an RSA-thing key I saw mentioned, convert it so that putty accepts to work with it, and finally tell to putty where to find that file. And then, at last, as long as that file is present and we’ve told Putty where to find it, the handshake is automated and effortless.
Remembering I could view the contents of a key with “RSA” in its name in Webmin > Servers > SSH Server > Host SSH Keys > I loaded ssh_host_rsa_key.pub, copy-pasted it to a new text editor file, saved it as ssh_host_rsa_key.pub for conversion with puttygen… and it all ended with the error message: “Couldn’t load private key (SSH-2 public key (OpenSSH format))”
It is showing, right, that I’m swimming blind, my footing has long been lost, at this point
- I searched far and wide in webmin and virtualmin for any other entry related to “rsa”, but, nope. I looked more carefully in Webmin > Servers > SSH Host, but didn’t find anything particularly striking.
- Also, it felt odd: if that were to be hidden in Webmin instead of virtualmin, it would mean only root may have an RSA key file, and none of the other virtualhost website-owner usernames, right?
- I checked to be sure, my root is self-certified (no website on it), the websites I host are with letsencrypt, but it’s always just ssl.cert, ssl.key, and ssl.ca, no RSA key seems to be existing yet.
- The last possibility I overlooked is that the rsa key may need to be generated in a terminal, under each different user, and then downloaded by SFTP… but, somehow, I feel like it’s probably doable with virtualmin’s GUI, it’s just I don’t manage to find it.
At this point, I feel like I’m going nowhere save in wrong directions, I prefer to stop and ask.
If you can kindly point me to a documentation page that will explain things, which I failed to find with googling (again, I’m so sorry), or miraculously find how to explain it to me, I will be most grateful