Storage Box SSH Keys #
#
SSH key authentication for Storage Boxes #
If you use SCP, SFTP, rsync or BorgBackup, you can log in using SSH key authentication without entering a password.
Depending on the SSH port of the Backup account/Storage Box you use, you may need to use a specific format for the public SSH key. The following keys are supported:
SSH Port | Key Format | Algorithms |
---|---|---|
22 | RFC4716 | RSA, ECDSA |
23 | Standard OpenSSH Format | RSA, ECDSA, ED25519 |
If you want to use the services over both ports, then you must store the public SSH key in both formats (RFC4716 and OpenSSH format) in the .ssh/authorized_keys
file. Please note that a new line should be at the end of the file.
Each sub-account requires its own authorized_keys file in the sub-account’s directory.
#
Generating SSH keys #
You can use ssh-keygen to generate a new pair of SSH keys:
|
Warning: With the default settings, using ssh-keygen will overwrite an existing SSH key! As an alternative, with the parameter -f
, you can specify a different file path.
#
Upload #
Please activate the SSH service of your Storage Box within Robot. Afterwards you can upload your public key with the following command for both Storage Box ports:
|
After this you can use the public SSH key to login without a password.
#
Manual #
You can also upload your key manually. Therefor please use the following guides:
#
Extended SSH Service on Port 23 (SFTP/Rsync/BorgBackup) #
Port 23 uses the one-line OpenSSH format of the public key.
#
Upload with ssh-copy-id (OpenSSH 8.5+) #
You can use ssh-copy-id
to upload the new key:
|
Upload without ssh-copy-id / Manually #
If you have an older OpenSSH client software, you can upload the public key also manual:
|
#
SSH Service on Port 22 (SFTP) #
For the SSH service on port 22, you must convert your public key into the RFC4716 format and then upload it.
#
Converting your key to RFC4716 format #
To convert the public SSH key into the correct format, enter the following command:
ssh-keygen -e -f .ssh/id_rsa.pub > .ssh/id_rsa_rfc.pub |
The public SSH key should now look like the one below:
|
#
Upload #
Now upload the created file:
|
#
Test #
Depending on which SSH key format you have uploaded, you should be able to log in without a password on port 22 and/or 23:
|