SSH_DSA

Introdução

Disponibilizar acesso remoto ao servidor via SSH usando chaves públicas ssh_dsa, faz com que o administrador do servidor saiba se quem está acessando é um usuário válido ou não. Este artigo mostrará como gerar sua chaves ssh e gpg.

Assumo que você já possui o open-ssh e gnupg instalados.

Gerando as chaves SSH DSA

Execute todos os comandos como usuário normal.

Para criar as chaves ssh-dsa pública e privada

# ssh-keygen

A chave pública que o adminstrador precisa estará em: ~/.ssh/id_dsa.pub

Gerando as chaves GPG

# gpg --gen-key
gpg (GnuPG) 1.2.5; Copyright (C) 2004 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg: keyring `/home/alex/.gnupg/secring.gpg' created
Please select what kind of key you want:

#->  (1) DSA and ElGamal (default)
  (2) DSA (sign only)
  (4) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
             minimum keysize is  768 bits
             default keysize is 1024 bits
   highest suggested keysize is 2048 bits
What keysize do you want? (1024)

#->Requested keysize is 1024 bits
Please specify how long the key should be valid.
        0 = key does not expire
     <n>  = key expires in n days
     <n>w = key expires in n weeks
     <n>m = key expires in n months
     <n>y = key expires in n years

#->Key is valid for? (0)
Key does not expire at all
Is this correct (y/n)? y

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
   "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Alexandro Silva
Email address: penguim@ubuntu.com
Comment: comment
You selected this USER-ID:
   "Alexandro Silva (comment) <penguim@ubuntu.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

#-> passphrase:

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++.+++++++++++++++.+++++++++++++++.+++++.++++++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++++++++++++++++++++++.++++++++++..+++++++++++++
public and secret key created and signed.
key marked as ultimately trusted.

pub  1024D/5F6D1662 2005-03-26 Alexandro Silva (comment) <penguim@ubuntu.com>
    Key fingerprint = D1BC 6822 0ACB 0025 8902  6DE7 87EA 4324 5F6D 1662
sub  1024g/0572A97F 2005-03-26

Suas chaves GPG pública e privada foram criadas no diretório ~/.gnupg

SSH_DSA (last edited 2011-09-19 23:20:58 by localhost)