Hi all,
I am brand new to Virtualmin/Usermin. I know how to setup SSH authentication keys through the command line, but I’m not sure how to do it through Virtualmin/Usermin.
I want to set up a dsa key for login to the server and virtual server. I want to disable root access after creating another user and adding them to the wheel and disable password authentication after installing my key.
I can not find the authorized_key file. Does Virtualmin/Usermin create one? If so, where would I find it.
Normally I would create a .ssh folder for it, but that doesn’t seem to exist either.
I’ve also tried to change the ssh port through Virtualmin/Usermin to something other than 22, but it doesn’t seem to work when I use my ssh. It ends up timing out.
As far as I know, its not directly built into vm. I do it manually by creating the .ssh folder under /home/virtual_server_name/.ssh
then import the keys into .ssh/authorized_keys manually too.
It would be nice if there was a way to do this via the Edit Mail/FTP users…just a button to paste their public key and something that says if they have a key on server or not.
As far as changing the ssh port, you do that part through webmin. You will need to be logged in as master administrator (not the virtual site admin). Just click on the webmin tab in the upper left, then click on servers/ssh server.
Change the settings in Authentication and Networking (for the port).
You can change the port and disable things like ssh-1 (should only use ssh-2) and password authentication. Be sure the restart the ssh server after making changes. If you have some sort of firewall running you also must make sure the port you changed ssh to is allowed through. Make sure you have tested the keys before disabling password authentication.
There is also a “User Setup SSH Key” tab and there is an option to automatically create a key for new users. I havent played with that but it sounds like it might do what we want. I so rarely grant a client access to ssh its not a problem to do it manually.
I’d like to add that your ~/.ssh/authorized_keys file must be chmodded 600 and ~/.ssh/ needs to be 700. You can use the command “ssh-copy-id user@machine” to add your key to a server. OS X doesn’t come with that command by default but running “brew install ssh-copy-id” will rectify that quickly (of course you need to have homebrew setup). You could also follow one of these suggestions (just make sure to set permissions correctly or it won’t work): http://www.commandlinefu.com/commands/view/188/copy-your-ssh-public-key-to-a-server-from-a-machine-that-doesnt-have-ssh-copy-id