brooklyn-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From henev...@apache.org
Subject [08/23] brooklyn-docs git commit: Removed child pages from locations
Date Fri, 13 May 2016 12:04:42 GMT
http://git-wip-us.apache.org/repos/asf/brooklyn-docs/blob/33bca1b9/guide/ops/locations/ssh-keys.md
----------------------------------------------------------------------
diff --git a/guide/ops/locations/ssh-keys.md b/guide/ops/locations/ssh-keys.md
deleted file mode 100644
index 03ee84e..0000000
--- a/guide/ops/locations/ssh-keys.md
+++ /dev/null
@@ -1,88 +0,0 @@
----
-section: SSH Keys
-section_position: 5
-section_type: inline
----
-
-### SSH Keys
-
-SSH keys are one of the simplest and most secure ways to access remote servers.
-They consist of two parts:
-
-* A private key (e.g. `id_rsa`) which is known only to one party or group
-  
-* A public key (e.g. `id_rsa.pub`) which can be given to anyone and everyone,
-  and which can be used to confirm that a party has a private key
-  (or has signed a communication with the private key)
-  
-In this way, someone -- such as you -- can have a private key,
-and can install a public key on a remote machine (in an `authorized_keys` file)
-for secure automated access.
-Commands such as `ssh` (and Brooklyn) can log in without
-revealing the private key to the remote machine,
-the remote machine can confirm it is you accessing it (if no one else has the private key),
-and no one snooping on the network can decrypt of any of the traffic.
- 
-
-#### Creating an SSH Key
-
-If you don't have an SSH key, create one with:
-
-{% highlight bash %}
-$ ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
-{% endhighlight %}
-
-
-#### Localhost Setup
-
-If you want to deploy to `localhost`, ensure that you have a public and private key,
-and that your key is authorized for ssh access:
-
-{% highlight bash %}
-# _Appends_ id_rsa.pub to authorized_keys. Other keys are unaffected.
-$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
-{% endhighlight %}
-
-Now verify that your setup by running the command: `ssh localhost echo hello world`
-
-If your setup is correct, you should see `hello world` printed back at you.
-
-On the first connection, you may see a message similar to this:
-
-<pre>
-The authenticity of host 'localhost (::1)' can't be established.
-RSA key fingerprint is 7b:e3:8e:c6:5b:2a:05:a1:7c:8a:cf:d1:6a:83:c2:ad.
-Are you sure you want to continue connecting (yes/no)?
-</pre>
-
-Simply answer 'yes' and then repeat the command again.
-
-If this isn't the case, see below. 
-
-
-
-
-#### Potential Problems
-
-* **MacOS user?** In addition to the above, enable "Remote Login" in "System Preferences
> Sharing".
-
-* **Got a passphrase?** Set `brooklyn.location.localhost.privateKeyPassphrase`
-  as described [here](index.html#os-setup).
-  If you're not sure, or you don't know what a passphrase is, you can test this by executing
`ssh-keygen -y`.
-  If it does *not* ask for a passphrase, then your key has no passphrase.
-  If your key does have a passphrase, you can remove it by running `ssh-keygen -p`.
-
-* Check that you have an `~/.ssh/id_rsa` file (or `id_dsa`) and a corresponding public key
with a `.pub` extension;
-  if not, create one as described above
-  
-* `~/.ssh/` or files in that directory may have permissions they shouldn't: 
-  they should be visible only to the user (apart from public keys),
-  both on the source machine and the target machine.
-  You can verify this with `ls -l ~/.ssh/`:  lines should start with `-rw-------` or `-r--------`
(or `-rwx------` for directories). 
-  If it does not, execute `chmod go-rwx ~/.ssh ~/.ssh/*`.
- 
-* Sometimes machines are configured with different sets of support SSL/TLS versions and ciphers;
-  if command-line `ssh` and `scp` work, but Brooklyn/java does not, check the versions enabled
in Java and on both servers.
-
-* Missing entropy: creating and using ssh keys requires randomness available on the servers,
-  usually in `/dev/random`; see [here]({{ site.path.website }}/documentation/increase-entropy.html)
for more information


Mime
View raw message