diff options
author | erkin <e.altunbas@vyos.io> | 2022-03-10 17:51:19 +0300 |
---|---|---|
committer | erkin <e.altunbas@vyos.io> | 2022-03-10 17:51:19 +0300 |
commit | f3e59ac1cd00f92524c6297b9924240a16507032 (patch) | |
tree | ba3d792e9bf7e3be69a47840861de4f39fb113a1 | |
parent | 221be1eb0623061ffb9c07751255532f54a8486b (diff) | |
download | vyos-documentation-f3e59ac1cd00f92524c6297b9924240a16507032.tar.gz vyos-documentation-f3e59ac1cd00f92524c6297b9924240a16507032.zip |
Introduce `generate public-key-command` and deprecate `loadkey`
-rw-r--r-- | docs/configuration/service/ssh.rst | 37 | ||||
-rw-r--r-- | docs/configuration/system/login.rst | 6 |
2 files changed, 39 insertions, 4 deletions
diff --git a/docs/configuration/service/ssh.rst b/docs/configuration/service/ssh.rst index 24881186..e03d1e70 100644 --- a/docs/configuration/service/ssh.rst +++ b/docs/configuration/service/ssh.rst @@ -127,8 +127,8 @@ Operation .. opcmd:: generate ssh client-key /path/to/private_key - Re-generated a known pub/private keyfile which can e.g. used to connect to - other services (RPKI cache). + Re-generated a known pub/private keyfile which can be used to connect to + other services (e.g. RPKI cache). Example: @@ -153,5 +153,36 @@ Operation | =.. o=.oo| +----[SHA256]-----+ - Two new files ``/config/auth/id_rsa_rpki`` and ``/config/auth/id_rsa_rpki.pub`` + Two new files ``/config/auth/id_rsa_rpki`` and + ``/config/auth/id_rsa_rpki.pub`` will be created. + +.. opcmd:: generate public-key-command name <username> path <location> + + Generate the configuration mode commands to add a public key for + :ref:`ssh_key_based_authentication`. + ``<location>`` can be a local path or a URL pointing at a remote file. + + Supported remote protocols are FTP, FTPS, HTTP, HTTPS, SCP/SFTP and TFTP. + + Example: + + .. code-block:: none + + alyssa@vyos:~$ generate public-key-command name alyssa path sftp://example.net/home/alyssa/.ssh/id_rsa.pub + # To add this key as an embedded key, run the following commands: + configure + set system login user alyssa authentication public-keys alyssa@example.net key AAA... + set system login user alyssa authentication public-keys alyssa@example.net type ssh-rsa + commit + save + exit + + ben@vyos:~$ generate public-key-command user ben path ~/.ssh/id_rsa.pub + # To add this key as an embedded key, run the following commands: + configure + set system login user ben authentication public-keys ben@vyos key AAA... + set system login user ben authentication public-keys ben@vyos type ssh-dss + commit + save + exit diff --git a/docs/configuration/system/login.rst b/docs/configuration/system/login.rst index 61201de7..89ef7e2f 100644 --- a/docs/configuration/system/login.rst +++ b/docs/configuration/system/login.rst @@ -84,6 +84,10 @@ The third part is simply an identifier, and is for your own reference. .. cfgcmd:: loadkey <username> <location> + **Deprecation notice:** ``loadkey`` has been deprecated in favour of + :opcmd:`generate public-key-commands` and will be removed in a future + version. See :ref:`ssh`. + SSH keys can not only be specified on the command-line but also loaded for a given user with `<username>` from a file pointed to by `<location>.` Keys can be either loaded from local filesystem or any given remote location @@ -122,7 +126,7 @@ Dial-In User Service)` servers as backend for user authentication. Configuration ------------- -.. cfgcmd:: set system login radius server <address> key <secret> +.. cfgcmd:: set system login radius server <address> secret <secret> Specify the `<address>` of the RADIUS server user with the pre-shared-secret given in `<secret>`. Multiple servers can be specified. |