SSH keys are used in portal to access servers. it's not possible to add server membership to users without SSH key.
Once you have your SHH key pair generated, go to your user profile and input public part of your key into Public SSH key field in Security management section.
Table of Contents
Recommendations
TDS recommends using EdDSA keys (ed25519):
- as it is more secure than RSA:
- EdDSA and ECDSA are not only more secure, but also faster than RSA
- long term future plans of SSH community are to replace DSA and RSA with at least ECDSA or best with EdDSA which is being widely adopted for several years
- long term TDS plans are to suppress usage of DSA/RSA keys and motivate end users to use EdDSA keys
Generating SSH key on Linux
This step fully follows Recommendations chapter.
Run following commands with properly defining your email in a comment:
...
Generating SSH key using Git SCM aka Git Bash
Install Git Bash
Install Make sure you have Git SCM (installed as it contains Git Bash).
- automated installation using winget
- Open power shell PowerShell as administrator
Run following command and wait 1-2 minutes for finishing of installation:
Code Block winget install --id Git.Git -e --source winget
If you are getting error with missing winget tool, install winget using these instructions before, you will use it in future for other stuff.
- manual installationSupport team members -
- Go to https://git-scm.com/download/win
- Download relevant installer, 64 bit is recommended
Steps in in installation guide
- Execute installation, simply click next, next...
- Advanced users can focus on some steps during wizard:
- Choosing default editor (code, notepad++, vim, nano...)
- Configuring line ending conventions >> Checkout as-is, commit as-is
Generate SSH key using Git Bash
Then follow pretty much same instructions as in GeneratingaSSHkeyonLinux GeneratingSSHkeyonLinux
Generating SSH key using Putty
Download PuTTY Key Generator (puttygen.exe) from official Putty home page https://www.putty.org/ and start it.
Change type to EdDSA, default 256bits is fine.
We recommend using EdDSA as it is more secure than RSA, RSA causes slower connection as it has bigger overhead and long term future plans of SSH community are to get rid of RSAThis step fully follows Recommendations chapter.
- Run the program and click on Generate and move your mouse (within the SSH generator window) until key is generated
- Change Key comment to your email address in format like in this example name.surname@example.com
- Optional: fill Key passphrase and confirm passphrase if you need one.
If you skip this step then you need to confirm that you want to save the keys without passphrase in the next steps. - Save public key as id_ed25519.pub
- Then save your private key in 2 commonly used formats. Please remember to keep private keys as private, never share it with anyone. Only public key can be shared.
- Putty format - Click Save private key and store as id_ed25519.ppk
- OpenSSH format - From the top menu in Conversions select Export OpenSSH Key and save it as id_ed25519
- Putty format - Click Save private key and store as id_ed25519.ppk
- Copy content of "Public key for pasting into OpenSSH authorized_keys file"
- Go to the TDS Portal and click on user icon located in top right corner of portal page. Then click on your name.
- In your profile click on "EDIT" button and then enter public part of your SSH key.
- Paste copied key from the step 7. Click on the Save button.
- Save all your generated SSH key files into folder ~/.ssh which is the same as C:\Users\<your_username>\.ssh folder. Thanks to this standardised location some of your applications will start using SSH key automatically. You will be always able to find it in case of need. Also TDS support team can help you more promptly in case of need.
...